UPDATE 04/09/2013: Added link to AppSec EU video UPDATE 26/08/2013: Added Plug-n-Hack support link. OWASP AppSec EU 2013 and HackPra AllStars were both a blast this week: I would like to use this opportunity to let you know that: OWASP OWTF is always actively looking for contributors, bug reports / ideas. The slides for the …
IMPORTANT NOTE: Some of the new features require the use of the “–dev” flag, please report any issues you find in our github page. Thanks! This is another a very significant release which includes the continued outstanding work of the following Google Summer of Code Projects: OWASP OWTF – INBOUND PROXY WITH MiTM & CACHING …
A common complaint for OWTF was that the report was “ugly”, now it’s your turn to change that: This project has a community voting phase, so we need your help to choose the upcoming OWASP OWTF report default style, layout and skin: OWASP OWTF – Reporting by Assem Chelli (Dedicated Mentor: Gareth Heyes, Co-Mentors: Johanna …
This is a very significant release which includes the initial outstanding work of the following Google Summer of Code Projects: OWASP OWTF – INBOUND PROXY WITH MiTM & CACHING CAPABILITIES by Bharadwaj Machiraju (Dedicated Mentor: Krzysztof Kotowicz, Co-Mentors: Javier Marcos de Prado, Martin Johns, Abraham Aranguren) Pre-implementation research document<– FEEDBACK Welcome! MiTM proxy benchmarks <– …
As you may know, OWASP OWTF took part in the GSoC 2013. It was somewhat surprising (also to me) that OWTF got 4 slots, the same as ZAP (an OWASP flagship project I have a lot of respect for) and OWASP as an organisation in 2012. Instead of writing a blog post about my personal …
As a wrapper tool that depends on many tools, the migration from Backtrack to Kali Linux has been a bit of a challenge for the OWTF development team: Many tools were removed, all tools and dictionaries changed their locations, some tools were not working anymore, other tools had to be replaced by better ones and coordinating GSoC …
If you have an owasp.org account, are familiar with python and would be willing to mentor some students OWASP OWTF needs you 🙂 5 students that applied to work on the Google Summer of Code 2013 for OWASP OWTF made it to the top 11 and OWASP got 11 slots this year. However, I cannot mentor …
Pentesting like a Grandmaster materials – BSides London 2013 UPDATE: 2013-07-28 – Added link to BSides London talk interview NOTE: Will update the post as soon as video is available only slides and demos for now 🙂 BSides London 2013 was a blast as previous years, I received a lot of good feedback during the …
UPDATE: This probably only affects the VMWare image, you will know if it also affects the Kali install if your hashes match my sample hashes below. So the fine folks at offensive security released this new distro called “Kali Linux” recently, which is essentially: Replacing Backtrack Based on Debian (instead of Ubuntu) One of the …
Illusionism is just another form of Social Engineering (SE): The magician attempts to draw attention away from the trick to create an illusion of making the impossible possible. During the weekend I saw three fun tricks by Steven Fryne (aka Dynamo), the first one (walking on water) additionally shows the power of the media as …
