OWASP received 88 proposals this year, but needs 50+ more mentors or some amazing students will be lost this year in the GSoC 2014, please don’t let this happen, here is what you can do:
Case 1) Mentoring for OWASP projects that are not OWTF
If you are interested in mentoring/co-mentoring OWASP projects that are NOT OWTF:
Step 1) Decide what OWASP project to mentor from here:
Step 2) Contact Samantha (samantha.groves at owasp.org) or Kostas (konstantinos at owasp.org) ASAP!
More info: http://lists.owasp.org/pipermail/owasp_project_leader_list/2014-March/000128.html
Case 2) Mentoring for OWASP OWTF
If you are interested in mentoring/co-mentoring for OWASP OWTF, here is the background:
Step 1) Choose one of the projects below
Step 2) Please contact me ASAP: firstname.lastname@example.org -Minor thinking required ;)-
All the top OWASP OWTF candidates are already contributors and/or technically very strong, have solid plans, have a deep understanding of their projects (all of which were carefully discussed and reviewed by the team for feasibility in advance), and mentoring needs will be minimal (i.e. they know what to do).
At this point, we don’t know slots or final ranking, but the projects/ideas that we believe that have a solid candidate to stand a chance (if the planets and other things align) are as follows:
- 1.9 OWASP OWTF – Flexible plugin mappings
- 1.10 OWASP OWTF – Free Passive Online scanner + Remediation Boilerplate Templates
- 1.11 OWASP OWTF – Automated Vulnerability Severity Rankings
- 1.12 OWASP OWTF – Zest support and ZAP integration
- 1.13 OWASP OWTF – Improved Proxification and Plug-n-Hack support
- 1.14 OWASP OWTF – Stateful Browser with configurable authentication
- 1.15 OWASP OWTF – Testing Framework Improvements
- 1.16 OWASP OWTF – Python version upgrade and compatibility
- WAF bypasser module (idea not in the wiki but discussed with us, for more info just ping me)
- Search Backend (idea not in the wiki but discussed with us, for more info just ping me)
What do you need to be an OWTF mentor?
- Must have: 1 x email address @any_domain (i.e. @gmail.com, @owasp.org, etc.)