Blog

As announced at AppSec EU recently. OWASP OWTF has (thank you!):

• $2000 from Google
• €5000 from Brucon

Instead of taking this to pay myself for working on OWTF in my spare time, I’m giving it away so that others are paid to work on OWTF: There is a contest to apply for this money and you can apply to all or part of it.

Timeline:

• September 8th – October 15th: Call for OWASP OWTF Proposals
• October 16th – 21st (might end sooner): Review of proposals by CFP panel
• October 21st (might be earlier): Public winner(s) announcement

To apply please click here.
NOTE: You can change your proposal as many times as you want until October 15th.
NOTE 2: Each candidate can submit more than one proposal

Contest rules (IMPORTANT: Subject to minor modifications, keep an eye on this):

• Project payment will be performed upon project completion
• Contributing to OWASP OWTF in advance of acceptance will award extra points
• The technical strength of the candidate will award extra points (especially with proof such as a github page)
• Regarless of your technical strength a decent proposal will award extra points
• The proposed project must be relevant to the OWASP OWTF mission: “To cover as much from the OWASP Testing Guide and the Penetration Testing Execution Standard as it is feasible”

Need help?

• New to OWTF? watch this (1h of demos!). This might also help.
• Get up to speed on where the project is at now (and read/watch this)
• Have a look at the issues on the github repository.
• Have a look at the GSoC Ideas for this year for inspiration (most of these are already implemented, but you can look at other projects and offer something similar for OWTF) 
• OWTF Ideas that were not completed this year where: Stateful Browser, SQL Database and Python upgrade.
• Contact me if you have more questions search “contact” in this page, think, and send me an email 🙂

FAQ

Q: Does the proposal have to fit into the Google Form text box? or can I append a file with the fully-explained proposal?
A: If you can provide a link to a public but not searchable google document or PDF in dropbox or an alternative service, that’s OK. This is probably better since you will be able to add some graphs to explain what you are proposing and the proposal will be easier to understand for reviewers then.

Q: Is it possible to start working in January 2014?
A: Yes, you can specify the start and end dates that suit you best in your proposal, these are mandatory fields in your submission.

Q: Is it necessary to have a CV?
A: Of course not! However, some proof of your skills would be nice (github account, prior involvement in open source projects, doing something for owtf and point to a pull request, whatever)