Difference between revisions of "SpoC 007 - OWASP Site Generator"

From OWASP
Jump to: navigation, search
Line 8: Line 8:
 
'''Project Progress''': 20% Complete, [[SpoC 007 - OWASP Site Generator - Progress Page|Progress Page]]
 
'''Project Progress''': 20% Complete, [[SpoC 007 - OWASP Site Generator - Progress Page|Progress Page]]
  
== Boris - OWASP Site Generator ==
+
== OWASP Site Generator ==
  
  
Line 38: Line 38:
  
 
Well, probably because of my past work on AoC (I just hope that won’t be the reason for me not to be sponsored :)  
 
Well, probably because of my past work on AoC (I just hope that won’t be the reason for me not to be sponsored :)  
 +
 +
 +
=== Development Links ===
 +
'''[http://www.owasp.org/index.php/OWASP_OSG_Functional_Spec OWASP Site Generator Functional Specification]'''
  
  
 
'''[http://www.owasp.org/index.php/OWASP_Spring_Of_Code_2007_Selection Back to SpoC 007 Selection page]'''
 
'''[http://www.owasp.org/index.php/OWASP_Spring_Of_Code_2007_Selection Back to SpoC 007 Selection page]'''

Revision as of 18:48, 27 March 2008

Back to SpoC 007 Selection page


AoC Candidate: Boris

Project coordinator: Dinis Cruz

Project Progress: 20% Complete, Progress Page

Contents

OWASP Site Generator

Executive Summary

OWASP Site Generator is a great tool, but it could be even better and more widespread. There’s a lot room for improvements to both its functionality and user experience. The way I see it, main user needs to be addressed and specific development objectives for the next release of OWASP Site Generator would be the following.

User Needs

  • Create multiple types of sites easily
  • Track and analyze requests easily
  • Change the look and feel of the resulting sites easily
  • Create sites for multiple web backend technologies easily
  • Learn how to use OWASP Site Generator easily

Development Objectives

  • Create a vulnerability library that can be used for web services, HTML forms, AJAX, etc. instead of having to craft the same attack for each
  • Add support for logging of all received requests, as well as querying resulting log files
  • "Templatize" the code generation process, so it can support skinning of the resulting sites
  • "Templatize" the code generation process, so it can support different backend web technologies
  • Fix all significant defects in the current release of OWASP Site Generator
  • Redesign the GUI to make it more efficient and user friendly
  • Create a smooth setup program which would install both client and server components as effortlessly as possible
  • Write documentation and articles about it
  • Make the development process open to the public and, hopefully, driven by its feedback from day one

Why I should be sponsored for the project

Well, probably because of my past work on AoC (I just hope that won’t be the reason for me not to be sponsored :)


Development Links

OWASP Site Generator Functional Specification


Back to SpoC 007 Selection page