Difference between revisions of "Project Information:template Wapiti Project"

From OWASP
Jump to: navigation, search
m
 
(29 intermediate revisions by 3 users not shown)
Line 4: Line 4:
 
  |-
 
  |-
 
  | style="width:15%; background:#7B8ABD" align="center"|'''Project Name'''
 
  | style="width:15%; background:#7B8ABD" align="center"|'''Project Name'''
  | colspan="7" style="width:85%; background:#cccccc" align="left"|<font color="black">''' OWASP Testing Guide V3.0 Project'''  
+
  | colspan="7" style="width:85%; background:#cccccc" align="left"|<font color="black">'''OWASP Wapiti Project'''<br>Web application vulnerability scanner / security auditor
 
  |-
 
  |-
 
  | style="width:15%; background:#7B8ABD" align="center"| '''Short Project Description'''  
 
  | style="width:15%; background:#7B8ABD" align="center"| '''Short Project Description'''  
  | colspan="7" style="width:85%; background:#cccccc" align="left"|The OWASP Testing Guide includes a "best practice" penetration testing framework which users can implement in their own organizations and a "low level" penetration testing guide that describes techniques for testing most common web application and web service security issues.<br>
+
  | colspan="7" style="width:85%; background:#cccccc" align="left"|
OWASP Testing Guide v3 is a 349 page book; we have split the set of active tests in 9 sub-categories for a total of 66 controls to test during the Web Application Testing activity.  
+
Wapiti allows to audit the security of web applications in an easy way. It performs  a "black-box" scans acting like a fuzzer, injecting payloads to see if an application is vulnerable. It has two principal parts, a crawler that explores the pages of the application and the attack module that injects the payloads and evaluates their responses. Wapiti is easy to use and it can detect the most common vulnerabilities (XSS, SQL Injection, File Handler Errors...). It provides to the user a complete report (html format) with the found vulnerabilities.
 
  |-
 
  |-
 
  | style="width:15%; background:#7B8ABD" align="center"|'''Key Project Information'''
 
  | style="width:15%; background:#7B8ABD" align="center"|'''Key Project Information'''
  | style="width:14%; background:#cccccc" align="center"|Project Leader<br>[[User:Mmeucci|'''Matteo Meucci''']]
+
  | style="width:14%; background:#cccccc" align="center"|Project Leader<br>[[User:Devloop|'''Nicolas Surribas''']]
  | style="width:14%; background:#cccccc" align="center"|Project Contibutors<br>[[:OWASP Testing Guide Contributors|'''See here''']]
+
  | style="width:14%; background:#cccccc" align="center"|Project Contibutors<br>[[User:Albertoes|'''Alberto Pastor Nieto''']]<br>[[User:Dpozog|'''David del Pozo González''']]
  | style="width:14%; background:#cccccc" align="center"|Mailing List<br>[https://lists.owasp.org/mailman/listinfo/owasp-testing '''Subscribe here''']<br>[mailto:owasp-testing(at)lists.owasp.org '''Use here''']
+
  | style="width:14%; background:#cccccc" align="center"|Mailing List<br>[https://lists.owasp.org/mailman/listinfo/owasp-wapiti-project '''Subscribe here''']<br>[mailto:owasp-wapiti-project@lists.owasp.org '''Use here''']
  | style="width:14%; background:#cccccc" align="center"|License<br>[http://creativecommons.org/licenses/by-sa/3.0/ '''Creative Commons Attribution Share Alike 3.0''']
+
  | style="width:14%; background:#cccccc" align="center"|License<br>[http://www.gnu.org/copyleft/lesser.html '''GNU Lesser General Public License''']
  | style="width:14%; background:#cccccc" align="center"|Project Type<br>[[:Category:OWASP_Project#Release Quality Projects|'''Documentation''']]
+
  | style="width:14%; background:#cccccc" align="center"|Project Type<br>[[:Category:OWASP_Project#Alpha_Status_Projects|'''Tool''']]
  | style="width:15%; background:#cccccc" align="center"|Sponsors<br>[[OWASP Summer of Code 2008|'''OWASP SoC 08''']]
+
  | style="width:15%; background:#cccccc" align="center"|Sponsors<br>if any, add link
 
  |}
 
  |}
 
{| style="width:100%" border="0" align="center"  
 
{| style="width:100%" border="0" align="center"  
Line 23: Line 23:
 
  ! align="center" style="background:#7B8ABD; color:white"|<font color="black">'''Related Projects'''  
 
  ! align="center" style="background:#7B8ABD; color:white"|<font color="black">'''Related Projects'''  
 
  |-
 
  |-
  | style="width:29%; background:#cccccc" align="center"|Provisory '''[[:Category:OWASP Project Assessment#Assessment Scale for OWASP DOCUMENTATION Projects|Release Quality]]'''<br>(Waiting for OWASP Board Member's Review)<br>[[:OWASP Testing Guide 3.0 - Assessment Frame|Please see here for complete information.]]
+
  | style="width:29%; background:#cccccc" align="center"|Provisory '''[[:Category:OWASP Project Assessment#Alpha Quality Tool Criteria|Apha Quality]]'''<br>(under review)<br>[[:OWASP Wapiti Project - Assessment Frame|Please see here for complete information.]]
 
  | style="width:42%; background:#cccccc" align="center"|
 
  | style="width:42%; background:#cccccc" align="center"|
[https://www.owasp.org/images/5/56/OWASP_Testing_Guide_v3.pdf OWASP Testing Guide V 3.0/PDF] - NEW RELEASE!!!<br>About OWASP Testing Guide V 3.0: [http://www.owasp.org/images/2/2c/OWASP_EU_Summit_2008_OWASP_Testing_Guide_v3.ppt PowerPoint]<br>[[:OWASP Testing Guide v3 Table of Contents|OWASP Testing Guide v3 Table of Contents]]  
+
[http://www.ict-romulus.eu/web/wapiti '''OWASP Wapiti Project''']<br>
  | style="width:29%; background:#cccccc" align="center"|[[:Image:OWASP Testing Guide v2 pdf.zip|OWASP Testing V 2.0]]<br>[[:Category:OWASP Guide Project|OWASP Development Guide Project]]<br>[[:Category:OWASP Code Review Project|OWASP Code Review Project]]<br>[[:Category:OWASP ASDR Project|OWASP ASDR Project]]
+
[http://sourceforge.net/projects/wapiti/ '''Project's Sourceforge Repository''']
 +
  | style="width:29%; background:#cccccc" align="center"|[http://www.ict-romulus.eu '''ICT Romulus Project''']
 
  |}
 
  |}
 
----
 
----

Latest revision as of 02:49, 29 April 2009


PROJECT INFORMATION
Project Name OWASP Wapiti Project
Web application vulnerability scanner / security auditor
Short Project Description

Wapiti allows to audit the security of web applications in an easy way. It performs a "black-box" scans acting like a fuzzer, injecting payloads to see if an application is vulnerable. It has two principal parts, a crawler that explores the pages of the application and the attack module that injects the payloads and evaluates their responses. Wapiti is easy to use and it can detect the most common vulnerabilities (XSS, SQL Injection, File Handler Errors...). It provides to the user a complete report (html format) with the found vulnerabilities.

Key Project Information Project Leader
Nicolas Surribas
Project Contibutors
Alberto Pastor Nieto
David del Pozo González
Mailing List
Subscribe here
Use here
License
GNU Lesser General Public License
Project Type
Tool
Sponsors
if any, add link
Release Status Main Links Related Projects
Provisory Apha Quality
(under review)
Please see here for complete information.

OWASP Wapiti Project
Project's Sourceforge Repository

ICT Romulus Project