OWASP Xelenium Project

From OWASP
Revision as of 13:05, 21 July 2012 by V Vasanthkumar (Talk | contribs)

Jump to: navigation, search

Main

Hello Everyone,

Warm Greetings!!! Welcome to the official page of 'OWASP Xelenium' project!!!

Xelenium is a security testing tool that can be used to identify the security vulnerabilities present in the web application. Xelenium uses the open source functional test automation tool 'Selenium' as its engine and has been built using Java swing.

Xelenium has been designed considering that it should obtain very few inputs from users in the process of discovering the bugs.

Current version of Xelenium can be found here: http://sourceforge.net/projects/xeleniumsecurit/. Current version helps the user in identifying the Cross Site Scripting (XSS) threats present in the web application. In the subsequent versions, Xelenium will be enhanced such that it could identify the other leading threats.

Please refer the road map for future plans.


PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP Xelenium
Purpose: Xelenium is a security testing automation tool that helps the user in identifying the security vulnerabilities present in the application. Xelenium uses powerful features of open source functional test automation tool - Selenium in identifying the security threats.
License: GNU GPL v3
who is working on this project?
Project Leader(s):
  • Vasanthkumar Velayudham @
Project Contributor(s):
  • Tarunkumar Bahaduria @
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: [Current Status:

Current version of Xelenium allows the user in identifying Cross Site Scripting (XSS) threats present in the web application.

July'12:

Addressing the current limitations of Xelenium

- Support for textboxes present in multiple iframes of a window. - Support for predefined values of the field.

Aug'12:

Including the feature to identify DOM based XSS in web application.

Sep - Oct'12:

Including the feature to identify HTTP Splitting bugs in web application.

Nov - Dec'12:

Including the feature to identify SQL injection bugs in web application. View]

Key Contacts
  • Contact Vasanthkumar Velayudham @ to contribute to this project
  • Contact Vasanthkumar Velayudham @ to review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
Not Yet Published
last reviewed release
Not Yet Reviewed


other releases