OWASP Foundation
Web Page: https://www.owasp.org/index.php/GSoC2012_Ideas
Mailing List: mailto:gsoc@lists.owasp.org
OWASP is the Open Web Application Security Project. It is an open community dedicated to enabling organizations to develop, purchase, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security. We advocate approaching application security as a “people, process, and technology” problem, because the most effective approaches to application security include improvements in all of these areas.
The OWASP Foundation is a US 503(c)(3) organization that supports its community of developers in creating tools and libraries that help improve application security for organizations and developers across the world. These “OWASP projects”, like all content at OWASP, are open and free and as such, we mandate that any project created at OWASP is distributed under an approved OSS license.
Projects
- [ZAP Project] Redesign of site crawler with of sessions awareness Currently ZAP Project is using a website crawler that is a bit outdated and doesn’t have all the required features anymore. Some of the current issues include an old design, missing the ability of comparing two crawling sessions of two logged in users (associate requests with different sessions) and does not offer integration with OWASP AJAX crawling tool. My proposal for this Google of Summer of Code project consists of redesigning the existing crawler and adding sessions awareness.
- Enhanced AJAX Integration in ZAProxy Throughout this project, a plugin for the OWASP Zed Attack Proxy will be developed to improve its integration with the OWASP AJAX Crawling Tool. This will facilitate users performing penetration tests to web sites that use AJAX technologies, whose popularity has increased since the growth of the web 2.0.
- Hackademic CMS The idea to convert Hackademic into a CMS more or less combines the two ideas (Hackademic Challenges Standardization and Hackademic Challenges Frontend).
- SOAP Web Services server for AppSensor AppSensor is an open source project; a conceptual framework to provide a guidance to implement intrusion detection into an existing application. The project implements an engine that analyses, detects and creates automated response to the application. This project aims to introduce a service based model to the AppSensor project. The service based model shall consist of SOAP/REST based web service. This will separate the client and server code and make it scalable and flexible for a better functionality.