Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
public:secureprogramming [2014-09-11 11:51] – [OWASP tools] petrs | public:secureprogramming [2014-09-11 12:10] – [Notes] petrs | ||
---|---|---|---|
Line 91: | Line 91: | ||
* IDE integration vs. standalone / server-based tool | * IDE integration vs. standalone / server-based tool | ||
* Miro - Coverity experience | * Miro - Coverity experience | ||
- | * 3 bc works | + | * 3 bc theses |
+ | * Use owasp tools, test against vulnerable apps, evaluate | ||
+ | * Implement personalized testing scenarios inside given framework (he Web Application Hacker' | ||
+ | * multiple scenarios, every week demonstration of progress | ||
* Metrics (owasp top 10) | * Metrics (owasp top 10) | ||
Line 133: | Line 136: | ||
* TRY | * TRY | ||
* [2014] OWASP OWTF, the Offensive (Web) Testing Framework https:// | * [2014] OWASP OWTF, the Offensive (Web) Testing Framework https:// | ||
+ | * [2014] XSS detection toolkit https:// | ||
+ | * TRY | ||
+ | * [2014] OWASP ZED Attack Proxy Project https:// | ||
+ | * TRY | ||
+ | * [2014] OSAFT https:// | ||
+ | * ssl testing and auditing tool | ||
+ | * tool to show informations about SSL certificate and tests the SSL connection according given list of ciphers and various SSL configurations | ||
+ | * try | ||
==== Vulnerable app / distro / hackme challenges ==== | ==== Vulnerable app / distro / hackme challenges ==== | ||
Line 149: | Line 160: | ||
* vulnerable app, challenges | * vulnerable app, challenges | ||
* TRY | * TRY | ||
+ | * [2013] OWASP Security Shepherd https:// | ||
+ | * TRY | ||
+ | * security teaching application, | ||
==== Security-supporting library ==== | ==== Security-supporting library ==== | ||
Line 169: | Line 183: | ||
- | * [2013] OWASP Security Shepherd https:// | ||
- | * TRY | ||
- | * security teaching application, | ||
- | * [2014] XSS detection toolkit https:// | ||
- | * TRY | ||
- | * [2014] OWASP ZED Attack Proxy Project https:// | ||
- | * TRY | ||
- | * [2014] OSAFT https:// | ||
- | * ssl testing and auditing tool | ||
- | * tool to show informations about SSL certificate and tests the SSL connection according given list of ciphers and various SSL configurations | ||
- | * try | ||