Difference between revisions of "Project Information:Sqlibench - Final Review - Self Evaluation - B"

From OWASP
Jump to: navigation, search
Line 32: Line 32:
 
2. At what extent have the project deliveries & objectives been accomplished?  Having in consideration [[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#SQL_Injector_Benchmarking_Project_.28SQLiBENCH.29|'''the assumed ones''']], please quantify in terms of percentage.
 
2. At what extent have the project deliveries & objectives been accomplished?  Having in consideration [[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#SQL_Injector_Benchmarking_Project_.28SQLiBENCH.29|'''the assumed ones''']], please quantify in terms of percentage.
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
 
  | colspan="2" style="width:75%; background:#cccccc" align="left"|
|-
 
 
  %90-%95 of the deliverables are finished with only two empty spots (creating videos of the preparing the testing environment and writing webscarab-beanshell scripts in order to show the exploits are real). We've also contacted the most of the sql injectors authors and acquired non-published new versions of their tools.  
 
  %90-%95 of the deliverables are finished with only two empty spots (creating videos of the preparing the testing environment and writing webscarab-beanshell scripts in order to show the exploits are real). We've also contacted the most of the sql injectors authors and acquired non-published new versions of their tools.  
 
  |-
 
  |-

Revision as of 04:43, 28 September 2008

.

50% REVIEW PROCESS

Project Deliveries & Objectives

Sqlibench Project's Deliveries & Objectives

QUESTIONS ANSWERS

1. At what extent have the project deliveries & objectives been accomplished? Having in consideration the assumed ones, please exemplify writing down those of them that haven't been realised.

%90-%95 of the overall deliverables are finished. The three unfinished jobs we have are; creating videos of the preparing the environment (nevertheless written documentation has been produced) and writing webscarab-beanshell scripts in order to show the exploits are real (instead we have created a howto document explaining the testing methodology for other benchmarkers, including example runs of sqlmap)

Additional to the %50 review deliverables, here are other deliverables adding upto the %100 review;

1. xml benchmarking report (http://sqlibench.googlecode.com/files/sqlibench_v2.1.xml)

2. tabular pdf benchmarking report (http://sqlibench.googlecode.com/files/sqlibench_matrix_v2.pdf).

3. updated interactive web application (http://www.webguvenligi.org/sqlibench/web/index.php)

4. benchmarker life saver document (http://code.google.com/p/sqlibench/wiki/HowToBenchmark)

2. At what extent have the project deliveries & objectives been accomplished? Having in consideration the assumed ones, please quantify in terms of percentage.

%90-%95 of the deliverables are finished with only two empty spots (creating videos of the preparing the testing environment and writing webscarab-beanshell scripts in order to show the exploits are real). We've also contacted the most of the sql injectors authors and acquired non-published new versions of their tools. 

3. What kind of help is required either from the Reviewers or from the OWASP Community?

We'd love to hear comments on the criteria list we have produced (http://code.google.com/p/sqlibench/wiki/BenchmarkingCriteria).

PART II

Assessment Criteria

OWASP Project Assessment Criteria

QUESTIONS ANSWERS

1. Having into consideration the OWASP Project Assessment Methodology which criteria, if any, haven’t been fulfilled in terms of Alpha Quality status?

2. Having into consideration the OWASP Project Assessment Methodology which criteria, if any, haven’t been fulfilled in terms of Beta Quality status?

3. Having into consideration the OWASP Project Assessment Methodology which criteria, if any, haven’t been fulfilled in terms of Release Quality status?

4. What kind of help is required either from the Reviewers or from the OWASP Community?