Difference between revisions of "SpoC 007 - OWASP Site Generator"

From OWASP
Jump to: navigation, search
Line 41: Line 41:
 
'''[http://www.owasp.org/index.php/OWASP_OSG_User_Stories OWASP Site Generator User Stories]'''
 
'''[http://www.owasp.org/index.php/OWASP_OSG_User_Stories OWASP Site Generator User Stories]'''
  
'''[OWASP_SiteGenerator_V2_DFD.pdf OWASP Site Generator Data Flow Diagram]'''
+
'''[https://www.owasp.org/images/8/8a/OWASP_SiteGenerator_V2_DFD.pdf OWASP Site Generator Data Flow Diagram]'''

Revision as of 16:21, 29 March 2008

Back to SpoC 007 Selection page


Project Contributors: Abby Levenberg, Boris Maletic

Project coordinator: Dinis Cruz

Project Progress: 20% Complete, Progress Page

Contents

OWASP Site Generator

Executive Summary

OWASP Site Generator is a great tool, but it could be even better and more widespread. There’s a lot room for improvements to both its functionality and user experience. The way I see it, main user needs to be addressed and specific development objectives for the next release of OWASP Site Generator would be the following.

User Needs

  • Create multiple types of sites easily
  • Track and analyze requests easily
  • Change the look and feel of the resulting sites easily
  • Create sites for multiple web backend technologies easily
  • Learn how to use OWASP Site Generator easily

Development Objectives

  • Create a vulnerability library that can be used for web services, HTML forms, AJAX, etc. instead of having to craft the same attack for each
  • Add support for logging of all received requests, as well as querying resulting log files
  • "Templatize" the code generation process, so it can support skinning of the resulting sites
  • "Templatize" the code generation process, so it can support different backend web technologies
  • Fix all significant defects in the current release of OWASP Site Generator
  • Redesign the GUI to make it more efficient and user friendly
  • Create a smooth setup program which would install both client and server components as effortlessly as possible
  • Write documentation and articles about it
  • Make the development process open to the public and, hopefully, driven by its feedback from day one


Development Links

OWASP Site Generator Functional Specification

OWASP Site Generator User Stories

OWASP Site Generator Data Flow Diagram