Difference between revisions of "Project Information:template WSFuzzer Project"

From OWASP
Jump to: navigation, search
(12 intermediate revisions by 4 users not shown)
Line 7: Line 7:
 
  | style="width:15%; background:#7B8ABD" align="center"| '''Short Project Description'''  
 
  | style="width:15%; background:#7B8ABD" align="center"| '''Short Project Description'''  
 
  | colspan="6" style="width:85%; background:#cccccc" align="left"|  
 
  | colspan="6" style="width:85%; background:#cccccc" align="left"|  
WSFuzzer is a GPL'd program, written in Python, that currently targets Web Services. In the current version HTTP based SOAP services are the main target. This tool was created based on, and to automate, some real-world manual SOAP pen testing work. This tool is NOT meant to be a replacement for solid manual human analysis. Please view WSFuzzer as a tool to augment analysis performed by competent and knowledgable professionals. Web Services are not trivial in nature so expertise in this area is a must for proper pen testing.  
+
WSFuzzer is a LGPL'd program, written in Python, that currently targets Web Services. In the current version HTTP based SOAP services are the main target. This tool was created based on, and to automate, some real-world manual SOAP pen testing work. This tool is NOT meant to be a replacement for solid manual human analysis. Please view WSFuzzer as a tool to augment analysis performed by competent and knowledgable professionals. Web Services are not trivial in nature so expertise in this area is a must for proper pen testing.  
 
  |-
 
  |-
 
  | style="width:15%; background:#7B8ABD" align="center"|'''Email Contacts'''
 
  | style="width:15%; background:#7B8ABD" align="center"|'''Email Contacts'''
 
  | style="width:14%; background:#cccccc" align="center"|Project Leader<br>[mailto:andres(at)neurofuzz.com '''Andres Andreu ''']
 
  | style="width:14%; background:#cccccc" align="center"|Project Leader<br>[mailto:andres(at)neurofuzz.com '''Andres Andreu ''']
  | style="width:14%; background:#cccccc" align="center"|Project Contributors<br>(if applicable)<br>[mailto:ccbanciu(at)gmail.com '''Cosmin Banciu''']
+
  | style="width:14%; background:#cccccc" align="center"|Project Contributors<br>[mailto:ccbanciu(at)gmail.com '''Cosmin Banciu''']
 
  | style="width:14%; background:#cccccc" align="center"|[https://lists.owasp.org/mailman/listinfo/owasp-wsfuzzer '''Mailing List/Subscribe''']<br>[mailto:owasp-wsfuzzer(at)lists.owasp.org '''Mailing List/Use''']
 
  | style="width:14%; background:#cccccc" align="center"|[https://lists.owasp.org/mailman/listinfo/owasp-wsfuzzer '''Mailing List/Subscribe''']<br>[mailto:owasp-wsfuzzer(at)lists.owasp.org '''Mailing List/Use''']
  | style="width:14%; background:#cccccc" align="center"|First Reviewer<br>[mailto:name(at)name '''Name''']
+
  | style="width:14%; background:#cccccc" align="center"|First Reviewer<br>[mailto:ah(at)securenet(dot)de '''Achim Hoffmann''']<br>[https://www.owasp.org/index.php/User:Achim Profile]<br>(TBC)
 
  | style="width:14%; background:#cccccc" align="center"|Second Reviewer<br>[mailto:name(at)name '''Name''']
 
  | style="width:14%; background:#cccccc" align="center"|Second Reviewer<br>[mailto:name(at)name '''Name''']
 
  | style="width:15%; background:#cccccc" align="center"|OWASP Board Member<br>[mailto:name(at)name '''Name&Email''']
 
  | style="width:15%; background:#cccccc" align="center"|OWASP Board Member<br>[mailto:name(at)name '''Name&Email''']
Line 21: Line 21:
 
  |-
 
  |-
 
  | style="width:100%; background:#cccccc" align="center"|
 
  | style="width:100%; background:#cccccc" align="center"|
[http://www.neurofuzz.com/modules/software/vidz.php Check out a video of WSFuzzer in action]<br>
+
Check out a video of [http://www.neurofuzz.com/modules/software/vidz.php WSFuzzer] in action<br>
[http://sourceforge.net/project/showfiles.php?group_id=155697 Get the tarball from sourceforge]<br>
+
Get the tarball from [http://sourceforge.net/project/showfiles.php?group_id=155697 sourceforge]<br>
* (If appropriate, links to be added)
+
Come and join the [http://www.linkedin.com/e/gis/1192957 Linkedin Group] also, or just search for "WSFuzzer" in the [http://www.linkedin.com/groupsDirectory "Groups"] section within Linkedin
+
 
  |}
 
  |}
 
{| style="width:100%" border="0" align="center"
 
{| style="width:100%" border="0" align="center"
Line 30: Line 29:
 
  |-
 
  |-
 
  | style="width:100%; background:#cccccc" align="center"|
 
  | style="width:100%; background:#cccccc" align="center"|
* (If appropriate, links to be added)
+
Featured in O'REILLY book - [http://oreilly.com/catalog/9780596514839/toc.html Web Security Testing Cookbook]<br>
 +
Included in [http://www.backtrack-linux.org/downloads/ BackTrack] - Backtrack->Vulnerability Identification->Fuzzers->WSFuzzer<br>
 +
Included in the [http://mtesauro.com/livecd/index.php?title=Current_Tool_List OWASP Live CD]<br>
 +
Featured in this [http://www.jroller.com/gmazza/date/20081110 Blog]<br>
 +
Featured in HNN [http://www.hackernews.com/2010/09/26/hnncast-2010-09-24/ HNNCast]<br>
 
  |}
 
  |}
 
{| style="width:100%" border="0" align="center"
 
{| style="width:100%" border="0" align="center"
 
  ! colspan="6" align="center" style="background:#4058A0; color:white"|<font color="white">'''SPONSORS & GUIDELINES'''  
 
  ! colspan="6" align="center" style="background:#4058A0; color:white"|<font color="white">'''SPONSORS & GUIDELINES'''  
 
  |-
 
  |-
  | style="width:50%; background:#cccccc" align="center"|Sponsor name, if applicable  
+
  | style="width:50%; background:#cccccc" align="center"|Current Sponsor: [http://www.neurofuzz.com neuroFuzz, LLC]  
 
  | style="width:50%; background:#cccccc" align="center"|[[:Category:OWASP_WSFuzzer_Project#Goals|'''Goals/Guidelines/Roadmap''']]
 
  | style="width:50%; background:#cccccc" align="center"|[[:Category:OWASP_WSFuzzer_Project#Goals|'''Goals/Guidelines/Roadmap''']]
 
  |}
 
  |}
Line 48: Line 51:
 
  |-
 
  |-
 
  | style="width:15%; background:#7B8ABD" align="center"|'''First Review'''  
 
  | style="width:15%; background:#7B8ABD" align="center"|'''First Review'''  
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Not yet''' (To update)<br>---------<br>Which status has been reached?<br>'''Beta Status''' - (To update)<br>---------<br>[[Project Information:template WSFuzzer Project - First Review - Self Evaluation - A|See&Edit: First Review/SelfEvaluation (A)]]
+
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes'''<br>---------<br>Which status has been reached?<br>'''Beta Status'''<br>---------<br>[[Project Information:template WSFuzzer Project - First Review - Self Evaluation - A|See&Edit: First Review/SelfEvaluation (A)]]
 
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Not yet''' (To update)<br>---------<br>Which status has been reached?<br>'''Beta Status''' - (To update)<br>---------<br>[[Project Information:template WSFuzzer Project - First Review - First Reviewer - B|See&Edit: First Review/1st Reviewer (B)]]
 
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Not yet''' (To update)<br>---------<br>Which status has been reached?<br>'''Beta Status''' - (To update)<br>---------<br>[[Project Information:template WSFuzzer Project - First Review - First Reviewer - B|See&Edit: First Review/1st Reviewer (B)]]
 
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Beta Status''' - (To update)<br>---------<br>[[Project Information:template WSFuzzer Project - First Review - Second Reviewer - C|See&Edit: First Review/2nd Reviewer (C)]]
 
  | style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Beta Status''' - (To update)<br>---------<br>[[Project Information:template WSFuzzer Project - First Review - Second Reviewer - C|See&Edit: First Review/2nd Reviewer (C)]]
Line 54: Line 57:
 
  |-
 
  |-
 
  |}
 
  |}
 
 
 
 
[[Category:OWASP Project]]
 

Revision as of 19:23, 27 September 2010

PROJECT IDENTIFICATION
Project Name OWASP WSFuzzer Project Project
Short Project Description

WSFuzzer is a LGPL'd program, written in Python, that currently targets Web Services. In the current version HTTP based SOAP services are the main target. This tool was created based on, and to automate, some real-world manual SOAP pen testing work. This tool is NOT meant to be a replacement for solid manual human analysis. Please view WSFuzzer as a tool to augment analysis performed by competent and knowledgable professionals. Web Services are not trivial in nature so expertise in this area is a must for proper pen testing.

Email Contacts Project Leader
Andres Andreu
Project Contributors
Cosmin Banciu
Mailing List/Subscribe
Mailing List/Use
First Reviewer
Achim Hoffmann
Profile
(TBC)
Second Reviewer
Name
OWASP Board Member
Name&Email
PROJECT MAIN LINKS

Check out a video of WSFuzzer in action
Get the tarball from sourceforge
Come and join the Linkedin Group also, or just search for "WSFuzzer" in the "Groups" section within Linkedin

RELATED PROJECTS

Featured in O'REILLY book - Web Security Testing Cookbook
Included in BackTrack - Backtrack->Vulnerability Identification->Fuzzers->WSFuzzer
Included in the OWASP Live CD
Featured in this Blog
Featured in HNN HNNCast

SPONSORS & GUIDELINES
Current Sponsor: neuroFuzz, LLC Goals/Guidelines/Roadmap
ASSESSMENT AND REVIEW PROCESS
Review/Reviewer Author's Self Evaluation
(applicable for Alpha Quality & further)
First Reviewer
(applicable for Alpha Quality & further)
Second Reviewer
(applicable for Beta Quality & further)
OWASP Board Member
(applicable just for Release Quality)
First Review Objectives & Deliveries reached?
Yes
---------
Which status has been reached?
Beta Status
---------
See&Edit: First Review/SelfEvaluation (A)
Objectives & Deliveries reached?
Not yet (To update)
---------
Which status has been reached?
Beta Status - (To update)
---------
See&Edit: First Review/1st Reviewer (B)
Objectives & Deliveries reached?
Yes/No (To update)
---------
Which status has been reached?
Beta Status - (To update)
---------
See&Edit: First Review/2nd Reviewer (C)
Objectives & Deliveries reached?
Yes/No (To update)
---------
Which status has been reached?
Beta Status - (To update)
---------
See/Edit: First Review/Board Member (D)