OWASP WebScarab Technical Specifications

Index Guide

Technical Specification

Component NameUI
Specification Authortpanton@hushmail.com
Developer / Component Ownertpanton@hushmail.com>
Feature NameTarget SelectionPriority1
DescriptionAllow user to select target website
Feature NameDB configPriority1
DescriptionAllow user to configure database settings
Feature NameSavePriority2
DescriptionAllow user to save progress
Feature NameRestorePriority
DescriptionAllow user to restore from saved state
Feature NameDeletePriority2
DescriptionAllow user to delete a saved state
Feature NameExitPriority1
DescriptionAllow user to exit the application cleanly
Feature NameAbandonPriority1
DescriptionAllow user to exit the application even if part of the system is hung
Feature NameStopPriority1
DescriptionAllow user to stop all activity
Feature NameResumePriority2
DescriptionAllow user to resume after a stop
Feature NamePhase viewsPriority1
DescriptionVisually represent phases
Feature NameSpider startPriority1
DescriptionAllow user to start the spider phase
Feature NameSpider stopPriority2
DescriptionAllow user to stop spider phase
Feature NameSpider clearPriority1
DescriptionClear state of spider
Feature NameSpider progressPriority1
DescriptionVisually represent progress of spider
Feature NameSpider viewPriority1
DescriptionVisually represent the results of the spider
Feature NameSpider interactPriority2
DescriptionAllow user to interact with url's found in spider. Which might consist of: Selecting a url as a target for the proxy window. Editing the database descrition for the url. Viewing the url in an external browser. Marking the url as a candidate for further activity. Marking the url as not candidate for further activity. Marking the url as invalid - ie not a target for other phases.
Feature NameProxy select urlPriority1
DescriptionAllow a user to select a url to investigate
Feature NameProxy viewPriority1
DescriptionAllow a user to view the selected page
Feature NameProxy structurePriority1
DescriptionAllow a user to view the structure of the selected page
Feature NameProxy editPriority1
DescriptionAllow user to edit fields in the page
Feature NameProxy write changesPriority1
DescriptionWrite changed data to database for use in attack
Feature NameProxy tryPriority3
DescriptionAllow user to 'try' her changes against target system
Feature NameAnalysis startPriority1
DescriptionStart analysis/attack build of stored urls
Feature NameAnalysis stopPriority1
DescriptionStop analysis
Feature NameAnalysis clearPriority1
DescriptionClear state of analysis
Feature NameAnalysis progressPriority1
DescriptionVisually represent progress of analysis
Feature NameAnalysis viewPriority1
DescriptionVisually represent results of attack/build (ie list of attacks)
Feature NameAnalysis interactPriority2
DescriptionAllow user to interact with proposed attacks Which might consist of: Editing the parameters (ranges?) of an attack. Marking the url as a candidate for further activity. Marking the url as not candidate for further activity. Marking the url as invalid - ie not a target for other phases.
Feature NameAttack startPriority1
DescriptionStart attack
Feature NameAttack stopPriority1
DescriptionStop attack
Feature NameAttack clearPriority1
DescriptionClear state of attack
Feature NameAttack progressPriority1
DescriptionVisually represent progress of attack
Feature NameAttack viewPriority1
DescriptionVisually represent results of attack/build (ie list of attack results)
Feature NameReport viewPriority1
DescriptionShow report of attck results
Feature NameReport printPriority2
DescriptionBuild print file for reports
Feature NamePreferences - userPriority3
DescriptionSave user preferences (fonts,detail level,colours etc)
Feature NamePreferences - sitePriority3
DescriptionSave preferences related to site (valid accounts, spider depth, max connections etc)

Index Guide

Priority Description123
Description

A feature that is

  • considered absolutely neccesary for the tools first release
  • needed for core fucntionality
  • needed to support other components

A feature that is

  • considered desireable but not absolutely needed
  • not requireed by any other components

A feature that is

  • nice to have if possible
  • not required by any other components