Search the Community

I. Description The OWASP ASVS Assessment Tool (OWAAT) has been developed by Mahmoud Ghorbanzadeh (mdgh (a) aut.ac.ir) at Amirkabir University of Technology's Computer Emergency Response Team (APA). OWAAT is a tool, used to verify Web applications security conformance to the OWASP Application Security Verification Standard (ASVS). OWAAT is a Web-based tool and provides team work capabilities. It allows to create multiple assessment projects and assign assessment tasks to different users. II. Installation Please follow installation wizard: http://YourWebSite/asvs/install/ III. Programs have been used (In alphabetical order) Chosen: Chosen: A jQuery Plugin by Harvest to Tame Unwieldy Select Boxes iCheck: Checkboxes and radio buttons customization (jQuery and Zepto) plugin intro: https://github.com/usablica/intro.js jQuery File Upload: https://github.com/blueimp/jQuery-File-Upload jQuery Notify: http://www.erichynds.com/blog/a-jquery-ui-growl-ubuntu-notification-widget jTable: http://www.jtable.org/ TCPDF: http://www.tcpdf.org/ (Unnecessary program files have been deleted) The OWASP ASVS Report Generator: http://ibuildingsnl.github.io/owasp-asvs-report-generator/index.html Download: https://github.com/ghorbanzadeh/OWAAT

The OWASP WebSpa Project is a Java web knocking tool for sending a single HTTP/S request to your web server in order to authorize the execution of a premeditated Operating System (O/S) command. It provides a cryptographically protected "open sesame" mechanism on the web application layer, comparable to well-known port-knocking techniques Download: https://www.owasp.org/index.php/OWASP_WebSpa_Project

Salutare tuturor, pe data de 25 octombrie 2013 va avea loc conferinta OWASP Romania 2013 in Bucuresti. Nu este perceputa nici o taxa si vrem sa vedem pe cat mai multi dintre voi acolo . Detalii despre conferinta veti gasi aici: https://www.owasp.org/index.php/OwaspRomaniaConference si vor fi actualizate pe masura ce vom avea mai multe informatii referitoare la locatie, sponsori si speaker-i. Pentru cei care vor sa participe activ, campania de Call for Papers s-a deschis mai devreme: Asteptam inscrieri pentru prezentari sau workshop-uri din urmatoarele arii si nu numai: Open Source Security&Hacking Tools Antivirus/Firewall/UTM Evasion Techniques Software Testing/Fuzzing Network and Router Hacking Malware analysis & Reverse Engineering Mobile Application Security-Threats and Exploits Advanced Penetration testing techniques Web Application Security & Hacking Browser Security Hacking virtualized environment WLAN and Bluetooth Security Lockpicking & physical security Honeypots/Honeynets Exploiting Layer 8/Social Engineering Cloud Security Critical Infrastructure & SCADA networks Security National Security & Cyber Warfare Cyber Forensics, Cyber Crime & Law Enforcement IT Auditing/Risk management Vor fi selectate prezentarile si temele cele mai interesante. Inregistrarea prezentarilor se realizeaza aici. Important: termenul limita pentru inscrierea prezentarilor este 15 septembrie lista speakerilor confirmati va fi anuntata pe 25 septembrie conferinta va avea loc pe 25 octombrie prezentarile vor avea durata de 45 de minute fiecare va exista un speaker agreement Cei care vor sa vina sunt rugati sa se inscrie si pe acest event ca sa stim cam la cate persoane sa ne asteptam Update (11.09.2013): Va fi o conferinta de o zi, va incepe la ora 10 si vor veni in principiu programatori, oameni care lucreaza in security, studenti si cei interesati de aspecte de securitate IT. Avem in Politehnica o sala de 200 de persoane.