Difference between revisions of "Project Information:template SKAVENGER"

From OWASP
Jump to: navigation, search
Line 1: Line 1:
 
{| style="width:100%" border="0" align="center"
 
{| style="width:100%" border="0" align="center"
  ! colspan="6" align="center" style="background:#4058A0; color:white"|<font color="white">'''PROJECT IDENTIFICATION'''  
+
  ! colspan="7" align="center" style="background:#4058A0; color:white"|<font color="white">'''PROJECT IDENTIFICATION'''  
 
  |-
 
  |-
 
  | style="width:15%; background:#7B8ABD" align="center"|'''Project Name'''
 
  | style="width:15%; background:#7B8ABD" align="center"|'''Project Name'''
  | colspan="5" style="width:85%; background:#cccccc" align="left"|<font color="black">'''SKAVENGER'''  
+
  | colspan="6" style="width:85%; background:#cccccc" align="left"|<font color="black">'''SKAVENGER'''  
 
  |-
 
  |-
 
  | style="width:15%; background:#7B8ABD" align="center"| '''Short project description'''  
 
  | style="width:15%; background:#7B8ABD" align="center"| '''Short project description'''  
 
  | colspan="6" style="width:85%; background:#cccccc" align="left"|Skavenger is a web application security assessment toolkit which arised from many years of professional experience in the web application assessment field and is the result of nearly one your of work. It passively analyzes traffic logged by various MITM proxies (such as WebScarab and Burp) as well as other sources (like Firefox's LiveHTTPHeader plugin) and helps to identify various kinds of possible vulnerabilities (such as XSS, CRLF injection, an insecure session management and several kinds of information disclosure). Skavenger's modular design allows the integration of custom scanning modules without any knowledge about the tool at all.  
 
  | colspan="6" style="width:85%; background:#cccccc" align="left"|Skavenger is a web application security assessment toolkit which arised from many years of professional experience in the web application assessment field and is the result of nearly one your of work. It passively analyzes traffic logged by various MITM proxies (such as WebScarab and Burp) as well as other sources (like Firefox's LiveHTTPHeader plugin) and helps to identify various kinds of possible vulnerabilities (such as XSS, CRLF injection, an insecure session management and several kinds of information disclosure). Skavenger's modular design allows the integration of custom scanning modules without any knowledge about the tool at all.  
 
  |-
 
  |-
  | style="width:15x%; background:#7B8ABD" align="center"|'''Email contacts'''
+
  | style="width:15%; background:#7B8ABD" align="center"|'''Email contacts'''
  | style="width:17%; background:#cccccc" align="center"|Project leader<br>[mailto:mro(at)securenet.de '''Matthias Rohr''']
+
  | style="width:14%; background:#cccccc" align="center"|Project leader<br>[mailto:mro(at)securenet.de '''Matthias Rohr''']
  | style="width:17%; background:#cccccc" align="center"|[mailto:to(at)change '''Project mailing list''']
+
  | style="width:14%; background:#cccccc" align="center"|Project Contributors<br>[mailto:to(at)change '''Name&Email''']<br>[mailto:to(at)change '''Name&Email''']
  | style="width:17%; background:#cccccc" align="center"|First Reviewer<br>[mailto:to(at)change '''Name&Email''']
+
| style="width:14%; background:#cccccc" align="center"|[mailto:to(at)change '''Project mailing list''']
  | style="width:17%; background:#cccccc" align="center"|Second Reviewer<br>[mailto:to(at)change '''Name&Email''']
+
  | style="width:14%; background:#cccccc" align="center"|First Reviewer<br>[mailto:to(at)change '''Name&Email''']
  | style="width:17%; background:#cccccc" align="center"|OWASP Board Member<br>Non applicable
+
  | style="width:14%; background:#cccccc" align="center"|Second Reviewer<br>[mailto:to(at)change '''Name&Email''']
 +
  | style="width:15%; background:#cccccc" align="center"|OWASP Board Member<br>Non applicable
 
  |}
 
  |}
 
{| style="width:100%" border="0" align="center"
 
{| style="width:100%" border="0" align="center"
Line 45: Line 46:
 
  | style="width:15%; background:#7B8ABD" align="center"|'''Final Review'''  
 
  | style="width:15%; background:#7B8ABD" align="center"|'''Final Review'''  
 
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries Reached?<br>'''YES/NO'''<br>Beta Status Reached?<br>'''YES/NO'''<br>[[Project Information:template SKAVENGER Final Review Self Evaluation B|See/Edit Self-Evaluation (B)]]
 
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries Reached?<br>'''YES/NO'''<br>Beta Status Reached?<br>'''YES/NO'''<br>[[Project Information:template SKAVENGER Final Review Self Evaluation B|See/Edit Self-Evaluation (B)]]
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries Reached?<br>'''YES/NO'''<br>Beta Status Reached?<br>'''YES/NO'''<br>See/Edit Self-Evaluation (D)
+
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries Reached?<br>'''YES/NO'''<br>Beta Status Reached?<br>'''YES/NO'''<br>See/Edit First Review (D)
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries Reached?<br>'''YES/NO'''<br>Beta Status Reached?<br>'''YES/NO'''<br>See/Edit Self-Evaluation (F)
+
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries Reached?<br>'''YES/NO'''<br>Beta Status Reached?<br>'''YES/NO'''<br>See/Edit Second Review (F)
 
  | style="width:22%; background:#C2C2C2" align="center"|Non applicable  
 
  | style="width:22%; background:#C2C2C2" align="center"|Non applicable  
 
  |-
 
  |-

Revision as of 08:12, 30 April 2008

PROJECT IDENTIFICATION
Project Name SKAVENGER
Short project description Skavenger is a web application security assessment toolkit which arised from many years of professional experience in the web application assessment field and is the result of nearly one your of work. It passively analyzes traffic logged by various MITM proxies (such as WebScarab and Burp) as well as other sources (like Firefox's LiveHTTPHeader plugin) and helps to identify various kinds of possible vulnerabilities (such as XSS, CRLF injection, an insecure session management and several kinds of information disclosure). Skavenger's modular design allows the integration of custom scanning modules without any knowledge about the tool at all.
Email contacts Project leader
Matthias Rohr
Project Contributors
Name&Email
Name&Email
Project mailing list First Reviewer
Name&Email
Second Reviewer
Name&Email
OWASP Board Member
Non applicable
PROJECT MAIN LINKS
  • Skavenger is completely written in Perl and can be downloaded from Skavenger.
  • (If appropriate, links to be added)
SPONSORS & GUIDELINES
Sponsor - OWASP Summer of Code 2008 Sponsored Project/Guidelines/Roadmap
ASSESSMENT AND REVIEW PROCESS
Author's Self Evaluation First Reviewer Second Reviewer OWASP Board Member
50% Review Objectives & Deliveries Reached?
YES/NO
See/Edit Self-Evaluation (A)
Objectives & Deliveries Reached?
YES/NO
See/Edit First Review (C)
Objectives & Deliveries Reached?
YES/NO
See/Edit Second Review (E)
Non applicable
Final Review Objectives & Deliveries Reached?
YES/NO
Beta Status Reached?
YES/NO
See/Edit Self-Evaluation (B)
Objectives & Deliveries Reached?
YES/NO
Beta Status Reached?
YES/NO
See/Edit First Review (D)
Objectives & Deliveries Reached?
YES/NO
Beta Status Reached?
YES/NO
See/Edit Second Review (F)
Non applicable