IMPORTANT NOTE: Some of the new features require the use of the “–dev” flag; please report any issues you find on our GitHub page. Thanks! This is another very significant release which includes the continued outstanding work of the following Google Summer of Code Projects: OWASP OWTF – INBOUND PROXY WITH MiTM & CACHING …
A common complaint about OWTF was that the report was “ugly”; now it’s your turn to change that: This project has a community voting phase, so we need your help to choose the upcoming OWASP OWTF report default style, layout and skin: OWASP OWTF – Reporting by Assem Chelli (Dedicated Mentor: Gareth Heyes, Co-Mentors: Johanna …
This is a very significant release which includes the initial outstanding work of the following Google Summer of Code Projects: OWASP OWTF – INBOUND PROXY WITH MiTM & CACHING CAPABILITIES by Bharadwaj Machiraju (Dedicated Mentor: Krzysztof Kotowicz, Co-Mentors: Javier Marcos de Prado, Martin Johns, Abraham Aranguren) Pre-implementation research document <– FEEDBACK Welcome! MiTM proxy benchmarks <– …
As you may know, OWASP OWTF took part in the GSoC 2013. It was somewhat surprising (also to me) that OWTF got 4 slots, the same as ZAP (an OWASP flagship project I have a lot of respect for) and OWASP as an organisation in 2012. Instead of writing a blog post about my personal …
As a wrapper tool that depends on many tools, the migration from BackTrack to Kali Linux has been a bit of a challenge for the OWTF development team: Many tools were removed, all tools and dictionaries changed their locations, some tools were not working anymore, other tools had to be replaced by better ones and coordinating GSoC …
If you have an owasp.org account, are familiar with Python and would be willing to mentor some students, OWASP OWTF needs you 🙂 5 students that applied to work on the Google Summer of Code 2013 for OWASP OWTF made it to the top 11 and OWASP got 11 slots this year. However, I cannot mentor …
Pentesting like a Grandmaster materials – BSides London 2013 UPDATE: 2013-07-28 – Added link to BSides London talk interview NOTE: Will update the post as soon as video is available, only slides and demos for now 🙂 BSides London 2013 was a blast as in previous years, I received a lot of good feedback during the …
Here are a few links if you want to download the materials from the OWASP OWTF BruCon 2012 workshop that happened last week in Ghent, Belgium: – The slides are now online on SlideShare – The demos, code and slides PDF can be downloaded from either of these: The OWTF Project GitHub page The BruCon …
IMPORTANT: If you are attending the “Introducing OWTF” BruCon workshop on Wednesday please download the latest OWASP OWTF and latest DEMO Report. Thank you! Another round of GIT hell has taught me a couple of things but finally, OWASP OWTF 0.15 is here for your entertainment! OWTF 0.15 “BruCon” is dedicated with special love to …
UPDATE: I will update this blog post with links to the video when available NOTE: Remember there is a Download option in SlideShare :). “That was best description of why cross domain policy is bad I’ve ever heard” – Full props to Robin Wood for those kind words re this talk! There are three versions …