Difference between revisions of "Projects/OWASP GoatDroid Project"

From OWASP
Jump to: navigation, search
Line 3: Line 3:
 
| project_home_page = OWASP_Mobile_Security_Project
 
| project_home_page = OWASP_Mobile_Security_Project
 
| project_description =  
 
| project_description =  
*The OWASP GoatDroid Project is the Android equivalent to the iGoat Project. Inspired by WebGoat, this project will help educate Android developers on security issues they’ll encounter when writing applications.
+
*The OWASP GoatDroid Project pays homage to the OWASP WebGoat? Project. It is a fully functional and self-contained environment for learning more about vulnerabilities and security issues for the Android platform.
*The project will be a sub component of the Mobile Security Project and closely tied to the Mobile Top 10 Risks and forthcoming body of knowledge. The initial release will contain 5-7 applications.  The project is however, being designed to be extremely modular and pluggable, making it easy for the community to contribute. The vision is that the initially provided modules will only be a starting point. As new SDK and platform features become available, the community will contribute new lessons that demonstrate their proper and secure usage.
+
*The initial release is of alpha-level maturity and contains a fully functional functional RESTful web service and an Android application to get started. Future releases will add new applications and services, and will expand upon the current codebase to provide new and increasingly difficult to discover security flaws.
*The initial beta release is scheduled for July 2011.
+
*The entire application and framework is Java based. There is no need to install an external web server or container. Each web service runs on embedded Jetty instances and uses the Jersey implementation of JAX-RS.
 
+
*In the first release, solutions will not be provided. You are encouraged to figure out where the holes are and determine the best way to mitigate them. The next release will include the solutions for version 1.
 +
*You can download the project via Google Code: http://code.google.com/p/owasp-goatdroid/
 
   
 
   
 
| project_license =
 
| project_license =

Revision as of 20:07, 15 August 2011

PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP GoatDroid Project (home page)
Purpose:
  • The OWASP GoatDroid Project pays homage to the OWASP WebGoat? Project. It is a fully functional and self-contained environment for learning more about vulnerabilities and security issues for the Android platform.
  • The initial release is of alpha-level maturity and contains a fully functional functional RESTful web service and an Android application to get started. Future releases will add new applications and services, and will expand upon the current codebase to provide new and increasingly difficult to discover security flaws.
  • The entire application and framework is Java based. There is no need to install an external web server or container. Each web service runs on embedded Jetty instances and uses the Jersey implementation of JAX-RS.
  • In the first release, solutions will not be provided. You are encouraged to figure out where the holes are and determine the best way to mitigate them. The next release will include the solutions for version 1.
  • You can download the project via Google Code: http://code.google.com/p/owasp-goatdroid/
License: N/A
who is working on this project?
Project Leader(s):
Project Contributor(s):
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
Not Yet Published
last reviewed release
Not Yet Reviewed


other releases