OWASP Source Code Center / News: Recent posts

International Top Ten Version

The Top Ten project has released Japanese, French, and Korean versions of the 2004 Top Ten.

Posted by Jeff Williams 2004-07-08

OWASP publishes the VulnXML db

The first VulnXML db draft release is available at:
http://beta.owasp.org/vulnxml

VulnXML is a description for static known vulnerabilities and provides all necessary information to let an execution engine automatically craft and launch appropriate HTTP, SOAP or WebDAV requests and analyse the response whether the attack had success.

Besides it provides some human readable classification of the described vulnerability.... read more

Posted by Ingo Struck 2003-07-03

OWASP Common Library 0.1 released

The first beta of the OWASP Common Library (OCL) has been released. OCL is a a fast, very lightweight and security centered java library to support building scalable and secure web applications running on a J2EE servlet engine with very low resource consumption.

This release comes with lots of full-working functionality including fast form validation, a highly modular form layout engine and a bunch of security-centered auxiliary classes for javax.servlet.

Posted by Ingo Struck 2003-06-15

OCL / WebScarab pre-beta 3 released

Several additions and bugfixes have been integrated into this early release.
Most of them are features neede by the VulnXML database web application.
Among them:
- indexing on database engines
- MikiDoc renderer added
- @man repository added

Try out some of these new features.

Regards

istr

Posted by Ingo Struck 2002-12-08

WebScarab pre-beta 2 released

Today the WebScarab project has been ported to be backed by the OWASP common library (ocl).

This is another step towards the complete integration of all OWASP subprojects to one SourceForge project (projects/owasp, group_id=64424).

To use it, get the ocl.tar.bz2, webscarab.tar.bz2, unpack them, type "ant jar" first for the common library, then for webscarab (install a copy of the owasp.jar into webscarab/lib first) and try to spider some sites with webscarab.... read more

Posted by Ingo Struck 2002-10-30