Differences

This shows you the differences between two versions of the page.

public:secureprogramming [2014-05-27 08:30] – [OWASP tools] petrs
public:secureprogramming [2014-05-27 08:51] – [OWASP tools] petrs
Line 93: Line 93:
   * [2014] OWASP Access Control Rules Tester Project https://www.owasp.org/index.php/Category:OWASP_Access_Control_Rules_Tester_Project   * [2014] OWASP Access Control Rules Tester Project https://www.owasp.org/index.php/Category:OWASP_Access_Control_Rules_Tester_Project
     * Insufficient Access Control      * Insufficient Access Control 
 +    * TRY
   * AntiSamy https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project_.NET   * AntiSamy https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project_.NET
     * API for ensuring user-supplied HTML/CSS is in compliance within an application's rules     * API for ensuring user-supplied HTML/CSS is in compliance within an application's rules
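Review bot: The added "TRY" sub-bullet under the Access Control Rules Tester entry is an unexplained marker. A reader cannot tell whether it means "still to be evaluated" or "recommended". Spell it out in the bullet, or define the marker once at the top of the OWASP tools section so each later use is unambiguous.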
Line 99: Line 100:
   * [2012] Mutillidae  http://www.irongeek.com/i.php?page=mutillidae/mutillidae-deliberately-vulnerable-php-owasp-top-10    * [2012] Mutillidae  http://www.irongeek.com/i.php?page=mutillidae/mutillidae-deliberately-vulnerable-php-owasp-top-10 
     * Mutillidae contains all of the vulnerabilties from the OWASP Top 10     * Mutillidae contains all of the vulnerabilties from the OWASP Top 10
 +    * TRY
     * http://sourceforge.net/projects/mutillidae/files/mutillidae-project/      * http://sourceforge.net/projects/mutillidae/files/mutillidae-project/ 
   * [2014] OWASP Mantra security testing web browser (build on Firefox) http://www.getmantra.com/owasp-mantra.html   * [2014] OWASP Mantra security testing web browser (build on Firefox) http://www.getmantra.com/owasp-mantra.html
 +    * TRY
     * firefox-based browser with large number of security plugins http://www.getmantra.com/tools.html     * firefox-based browser with large number of security plugins http://www.getmantra.com/tools.html
   * [2013] OWASP Broken Web Applications Project https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project   * [2013] OWASP Broken Web Applications Project https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project
     * application with vulnerabilities, virtual machine     * application with vulnerabilities, virtual machine
 +    * TRY
   * [2014] ByWaf https://www.owasp.org/index.php/OWASP_Bywaf_Project   * [2014] ByWaf https://www.owasp.org/index.php/OWASP_Bywaf_Project
     * web application penetration testing framework, command-line interpreter and a set of plugins      * web application penetration testing framework, command-line interpreter and a set of plugins 
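Review bot: The "TRY" marker is placed inconsistently in this hunk: under Mutillidae it splits the description from the SourceForge download link, under Mantra it comes before the description, and under Broken Web Applications it comes after it. Put it in one fixed position, for example as the last sub-bullet of each entry, so the list scans uniformly. While these entries are being touched, the context lines also carry "vulnerabilties" (Mutillidae) and "build on Firefox" (Mantra), which should read "vulnerabilities" and "built on Firefox".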
Line 110: Line 114:
   * OWASP Enterprise Security API https://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API#tab=Downloads   * OWASP Enterprise Security API https://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API#tab=Downloads
     * Java, .NET, ASP, PHP, Python, JavaScript...     * Java, .NET, ASP, PHP, Python, JavaScript...
 +    * TRY
 +  * [2011] Hackademic Challenges https://www.owasp.org/index.php/OWASP_Hackademic_Challenges_Project
 +    * vulnerable app, challenges
 +    * TRY
 +  * [2014] java-html-sanitizer https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer_Project
 +    *  fast and easy to configure HTML Sanitizer written in Java which lets you include HTML authored by third-parties in your web application while protecting against XSS
 +  * XSS prevention sheet https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet
 +  * [2014] JSON Sanitizer Project https://www.owasp.org/index.php/OWASP_JSON_Sanitizer 
 +    * Given JSON-like content, convert it to valid JSON. Java library
 +  * [2011, 2014?] OWASP LAPSE Project https://www.owasp.org/index.php/OWASP_LAPSE_Project
 +    * Security Scanner for Java EE Applications
 +    * eclipse plugin
 +    * TRY
 +  * [2014] OWASP OWTF, the Offensive (Web) Testing Framework https://www.owasp.org/index.php/OWASP_OWTF 
 +  * [2013] OWASP Security Shepherd https://www.owasp.org/index.php/OWASP_Security_Shepherd
 +    * TRY
 +    * security teaching application, CTF
 +  * [2014] XSS detection toolkit https://www.owasp.org/index.php/OWASP_Xenotix_XSS_Exploit_Framework
 +    * TRY
 +  * [2014] OWASP ZED Attack Proxy Project https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
 +    * TRY
 +  * [2014] OSAFT https://www.owasp.org/index.php/O-Saft
 +    * ssl testing and auditing tool
 +    * tool to show informations about SSL certificate and tests the SSL connection according given list of ciphers and various SSL configurations
 +    * try
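Review bot: The new "XSS detection toolkit" entry links to OWASP_Xenotix_XSS_Exploit_Framework, so its label does not name the project it points to. Use the project name as the label, as the other entries do, and move "XSS detection toolkit" into a description sub-bullet. Other points in the added lines: the O-Saft marker is lowercase "try" while every other one is "TRY"; the OWTF entry has no description sub-bullet and the "XSS prevention sheet" entry has no year tag, unlike their neighbours; under Security Shepherd the marker precedes the description, while under Hackademic and LAPSE it follows it; and "[2011, 2014?]" on LAPSE leaves the date unresolved, so confirm it or keep only the year that is known.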