Our mailing list:
https://lists.owasp.org/mailman/listinfo/owasp-iran
[email protected]
Feel free to join discussions or start one!
https://lists.owasp.org/mailman/listinfo/owasp-iran
[email protected]
Feel free to join discussions or start one!
سلام به همگی،
بخش OWASP ایران دوباره راه اندازی شد، لطفا لینک کانال ما را به اشتراک بگذارید .
https://telegram.me/irOWASP
متشکرم.
بخش OWASP ایران دوباره راه اندازی شد، لطفا لینک کانال ما را به اشتراک بگذارید .
https://telegram.me/irOWASP
متشکرم.
لیست پست الکترونیک ما:
https://lists.owasp.org/mailman/listinfo/owasp-iran
[email protected]
لطفا به ما بپیوندید
https://lists.owasp.org/mailman/listinfo/owasp-iran
[email protected]
لطفا به ما بپیوندید
Google Summer of Code 2016
Google is now accepting applications for mentoring organizations for GSoC 2016! We are looking for your project ideas and making the initiative a success!
For those of you that have participated in the program, this is the time of the year to start outlining your ideas for projects here:
https://www.owasp.org/index.php/GSOC2016_Ideas
Deadline is Approaching February 19th [Tomorrow]
any question or help? contact me directly [email protected]
Google is now accepting applications for mentoring organizations for GSoC 2016! We are looking for your project ideas and making the initiative a success!
For those of you that have participated in the program, this is the time of the year to start outlining your ideas for projects here:
https://www.owasp.org/index.php/GSOC2016_Ideas
Deadline is Approaching February 19th [Tomorrow]
any question or help? contact me directly [email protected]
Bug Hunting in OWASP
Volunteering to secure OWASP assets and web applications.
For anyone who wants to help OWASP
https://www.owasp.org/index.php/Help_Secure_Owasp_assests
Set your name if you have editing rights to the wiki
Otherwise contact me, I'll gladly set your name on the list.
Volunteering to secure OWASP assets and web applications.
For anyone who wants to help OWASP
https://www.owasp.org/index.php/Help_Secure_Owasp_assests
Set your name if you have editing rights to the wiki
Otherwise contact me, I'll gladly set your name on the list.
OWASP Zed Attack Proxy Project
The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.
It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing.
ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.
https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
https://github.com/zaproxy/zaproxy/
https://github.com/zaproxy/zap-extensions/
The OWASP Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.
It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing.
ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.
https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
https://github.com/zaproxy/zaproxy/
https://github.com/zaproxy/zap-extensions/
GitHub
GitHub - zaproxy/zaproxy: The ZAP by Checkmarx Core project
The ZAP by Checkmarx Core project. Contribute to zaproxy/zaproxy development by creating an account on GitHub.
OWASP ZSC Tool Project
What is OWASP ZSC ?
OWASP ZSC is an open source software in python language which lets you generate customized shellcodes and convert scripts to an obfuscated script. This software can be run on Windows/Linux/OSX under python.
OWASP Page: https://www.owasp.org/index.php/OWASP_ZSC_Tool_Project
Documents: https://www.gitbook.com/book/ali-razmjoo/owasp-zsc/details
Home: https://zsc.z3r0d4y.com/
Features: https://zsc.z3r0d4y.com/table.html
Github: https://github.com/Ali-Razmjoo/OWASP-ZSC
Archive: https://github.com/Ali-Razmjoo/ZCR-Shellcoder-Archive
Mailing List: https://groups.google.com/d/forum/owasp-zsc
API: https://api.z3r0d4y.com
@irOWASP
What is OWASP ZSC ?
OWASP ZSC is an open source software in python language which lets you generate customized shellcodes and convert scripts to an obfuscated script. This software can be run on Windows/Linux/OSX under python.
OWASP Page: https://www.owasp.org/index.php/OWASP_ZSC_Tool_Project
Documents: https://www.gitbook.com/book/ali-razmjoo/owasp-zsc/details
Home: https://zsc.z3r0d4y.com/
Features: https://zsc.z3r0d4y.com/table.html
Github: https://github.com/Ali-Razmjoo/OWASP-ZSC
Archive: https://github.com/Ali-Razmjoo/ZCR-Shellcoder-Archive
Mailing List: https://groups.google.com/d/forum/owasp-zsc
API: https://api.z3r0d4y.com
@irOWASP
Gitbook
GitBook - Where software teams break knowledge silos.
GitBook helps you publish beautiful docs and centralize your teams' knowledge. From technical teams to the whole company.
OWASP Application Security Verification Standard Project
What is ASVS?
The OWASP Application Security Verification Standard (ASVS) Project provides a basis for testing web application technical security controls and also provides developers with a list of requirements for secure development.
@irOWASP
https://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project
What is ASVS?
The OWASP Application Security Verification Standard (ASVS) Project provides a basis for testing web application technical security controls and also provides developers with a list of requirements for secure development.
@irOWASP
https://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project
Press Release by Johanna Curiel
Lessons from the cyber underworld: How to understand software vulnerabilities and exploits like a professional hacker with OWASP ZSC Tool
https://www.linkedin.com/pulse/lessons-from-cyber-underworld-how-understand-software-johanna-curiel?trk=hb_ntf_MEGAPHONE_ARTICLE_POST
@irOWASP
Lessons from the cyber underworld: How to understand software vulnerabilities and exploits like a professional hacker with OWASP ZSC Tool
https://www.linkedin.com/pulse/lessons-from-cyber-underworld-how-understand-software-johanna-curiel?trk=hb_ntf_MEGAPHONE_ARTICLE_POST
@irOWASP
OWASP WASC Distributed Web Honeypots Project
The goal of the OWASP WASC Distributed Web Honeypots Project is to identify emerging attacks against web applications and report them to the community including automated scanning activity, probes, as well as, targeted attacks against specific web apps.
Introduction
The goal of the Distributed Web Honeypot (DWH) Project is to identify emerging attacks against web applications and report them to the community. This may include automated scanning activity, probes, as well as, targeted attacks against specific web sites or applications. The scope of this project has recently been expanded to include deployment of both standard web application honeypots and/or open proxy honeypots. Project participants may choose whether they want to run their honeypot as an open proxy or a stand-alone sensor.
Description
This project fills a need in the web application Defender's community to have detailed data about mass web application scanning attacks such as those being operated by Botnets. This project will provide detailed data about attacks and their origins.
https://www.owasp.org/index.php/OWASP_WASC_Distributed_Web_Honeypots_Project
The goal of the OWASP WASC Distributed Web Honeypots Project is to identify emerging attacks against web applications and report them to the community including automated scanning activity, probes, as well as, targeted attacks against specific web apps.
Introduction
The goal of the Distributed Web Honeypot (DWH) Project is to identify emerging attacks against web applications and report them to the community. This may include automated scanning activity, probes, as well as, targeted attacks against specific web sites or applications. The scope of this project has recently been expanded to include deployment of both standard web application honeypots and/or open proxy honeypots. Project participants may choose whether they want to run their honeypot as an open proxy or a stand-alone sensor.
Description
This project fills a need in the web application Defender's community to have detailed data about mass web application scanning attacks such as those being operated by Botnets. This project will provide detailed data about attacks and their origins.
https://www.owasp.org/index.php/OWASP_WASC_Distributed_Web_Honeypots_Project
Brian Beaudry ([email protected]) has been choosen by google (GSoC 2016) as mentor to develop windows shellcodes for owasp zsc project (https://github.com/Ali-Razmjoo/OWASP-ZSC)
GitHub
GitHub - OWASP/ZSC: OWASP ZSC - Shellcode/Obfuscate Code Generator https://www.secologist.com/
OWASP ZSC - Shellcode/Obfuscate Code Generator https://www.secologist.com/ - OWASP/ZSC
OWASP VBScan Version 0.1.6 Released
Project Leader : Mohammad Reza Espargham
https://www.owasp.org/index.php/OWASP_VBScan_Project
Project Leader : Mohammad Reza Espargham
https://www.owasp.org/index.php/OWASP_VBScan_Project
OWASP VBScan
OWASP VBScan (short for [VB]ulletin Vulnerability [Scan]ner) is an opensource project in perl programming language to detect VBulletin CMS vulnerabilities and analyses them .
Why OWASP VBScan ?
If you want to do a penetration test on a vBulletin Forum, OWASP VBScan is Your best shot ever! This Project is being faster than ever and updated with the latest VBulletin vulnerabilities.
Project Leader : Mohammad Reza Espargham
Github : https://github.com/rezasp/vbscan/
SourceForge : https://sourceforge.net/projects/vbscan/
OWASP Page : https://www.owasp.org/index.php/OWASP_VBScan_Project
OWASP VBScan (short for [VB]ulletin Vulnerability [Scan]ner) is an opensource project in perl programming language to detect VBulletin CMS vulnerabilities and analyses them .
Why OWASP VBScan ?
If you want to do a penetration test on a vBulletin Forum, OWASP VBScan is Your best shot ever! This Project is being faster than ever and updated with the latest VBulletin vulnerabilities.
Project Leader : Mohammad Reza Espargham
Github : https://github.com/rezasp/vbscan/
SourceForge : https://sourceforge.net/projects/vbscan/
OWASP Page : https://www.owasp.org/index.php/OWASP_VBScan_Project
GitHub
GitHub - OWASP/vbscan: OWASP VBScan is a Black Box vBulletin Vulnerability Scanner
OWASP VBScan is a Black Box vBulletin Vulnerability Scanner - OWASP/vbscan
It is with great sorrow that I must write to report the sad news of the death of our Executive Director, Paul Ritchie, after a short illness.
Paul first joined OWASP in August of 2014 and became the full time Executive Director in May 2015. He has helped the organization to grow globally and has made an enormous difference in our community. He will be greatly missed. He brought order and professionalism. He raised our own high expectations and delivered on the things he set out to do. He made all of us that worked closely with him better and more effective. He helped to set long term strategic goals and managed OWASP’s fiduciary responsibilities with ease.
On behalf of the Board of Directors, we will miss Paul for his leadership and friendly wry knowing smile as the board worked to make difficult choices. I doubt I can express my own sinking feeling of grief at the news, which came suddenly and too early.
Paul’s family asked that we direct those in the community that would like to show support or make a donation to do so in Paul Ritchie’s name to the Multiple Myeloma Research Foundation at https://www.themmrf.org.
Paul first joined OWASP in August of 2014 and became the full time Executive Director in May 2015. He has helped the organization to grow globally and has made an enormous difference in our community. He will be greatly missed. He brought order and professionalism. He raised our own high expectations and delivered on the things he set out to do. He made all of us that worked closely with him better and more effective. He helped to set long term strategic goals and managed OWASP’s fiduciary responsibilities with ease.
On behalf of the Board of Directors, we will miss Paul for his leadership and friendly wry knowing smile as the board worked to make difficult choices. I doubt I can express my own sinking feeling of grief at the news, which came suddenly and too early.
Paul’s family asked that we direct those in the community that would like to show support or make a donation to do so in Paul Ritchie’s name to the Multiple Myeloma Research Foundation at https://www.themmrf.org.
MMRF
The MMRF | Multiple Myeloma Research Foundation
The Multiple Myeloma Research Foundation (MMRF) is the largest nonprofit in the world focused on accelerating a cure for each and every myeloma patient.
OWASP launches bug bounty program on the OWASP Zed Attack Proxy, one of the world's most popular free security tools: https://bgcd.co/1XzVCGa