owtf.md 2.0 KB
OWASP OWTF is a project focused on penetration testing efficiency and alignment of security tests to security standards like the OWASP Testing Guide (v3 and v4), the OWASP Top 10, PTES and NIST so that pentesters will have more time to:
- See the big picture and think out of the box
- More efficiently find, verify and combine vulnerabilities
- Have time to investigate complex vulnerabilities like business logic/architectural flaws, etc.
- Perform more tactical/targeted fuzzing on seemingly risky areas
- Demonstrate true impact despite the short timeframes we are typically given to test
OWTF includes:
- A highly configurable plugin system
- A fast (the fastest Python MiTM proxy yet!) MiTM SSL proxy
- A pretty web interface
- An interactive report
- Full coverage for OWASP Testing Guide v3/v4, PTES, NIST, and CWE mappings
- Built-in integrations for Mozilla Zest and Plug-n-Hack standards
- REST API exposed to control and extend the functionality of OWTF
- Web Application
- OWASP
- Pentest
- Vulnerability assessment
- Abraham Aranguren (https://twitter.com/7a_)
- Bharadwaj Machiraju (https://twitter.com/tunnelshade_)
- Viyat Bhalodia (https://twitter.com/viyat)
- Project homepage
- IRC
- Wiki
- Slack and join channel
#project-owtf - User Documentation
- Youtube channel
- Slideshare
- Blog
Social Media