OWTF 0.30 “Summer Storm II” released! plz RT!

IMPORTANT NOTE: Some of the new features require the use of the “–dev” flag. Please report any issues you find on our GitHub page. Thanks!

This is another very significant release, which includes the continued outstanding work of the following Google Summer of Code projects:

OWASP OWTF – INBOUND PROXY WITH MiTM & CACHING CAPABILITIES by Bharadwaj Machiraju (Dedicated Mentor: Krzysztof Kotowicz, Co-Mentors: Javier Marcos de Prado, Martin Johns, Abraham Aranguren)

OWASP OWTF – Multiprocessing by Ankush Jindal (Dedicated Mentor: Andrés Riancho, Co-Mentor: Abraham Aranguren)

OWASP OWTF – Reporting by Assem Chelli (Dedicated Mentor: Gareth Heyes, Co-Mentors: Johanna Curiel, Azeddine Islam Mennouchi, Hani Benhabiles, Abraham Aranguren)

  • Project Plan document <– FEEDBACK Welcome!
  • The prototypes and voting poll will become public on Thursday this week, stay tuned 🙂

OWASP OWTF – Unit Test Framework by Alessandro Fanio González (Dedicated Mentor: Andrés Morales, Co-Mentor: Abraham Aranguren)

Usual background + Disclaimer:
OWASP OWTF, the Offensive (Web) Testing Framework, is an
OWASP+PTES-focused try to unite great tools and make pen testing more
efficient @owtfp http://owtf.org
WARNING: This tool unites many great tools, websites, knowledge and
their associated power, please hack responsibly and always have
permission. That being said, happy pwnage 🙂

Some links:
Project page
– You will probably get the most out of this tool if you look at the Presentation Slides first.
Download the bleeding edge version of OWTF
Download the latest stable version of OWTF
Subscribe to the OWTF mailing list
– We’re also on #owtf within freenode (IRC)

OWTF would just not be possible without all the people that contributed in one way or another. All contributors to date got a T-shirt this year, to all of you: Thank you!

(Picture above is courtesy of @an_animal. Thanks!)

Change log since OWTF 0.20 “Summer Storm I” (Full change log is here):

09/08/2013 – 0.30 “Summer Storm II” alpha release: Dedicated to Alessandro Fanio Gonzalez (@alessandrofg), Ankush Jindal (@ankushjindal278), Assem Chelli (@assem-ch), Bharadwaj Machiraju (@tunnelshade), their mentors: Andrés Morales, Andrés Riancho, Gareth Heyes, Krzysztof Kotowicz, and their co-mentors: Abraham Aranguren, Azeddine Islam Mennouchi, Hani Benhabiles, Javier Marcos de Prado, Johanna Curiel, Martin Johns.
+ Extracting the HTML generated by the reporting system from Python modules into independent Jinja2 template files <==> Assem Chelli (@assem-ch)
+ Added some features to the Testing Framework. Added tests that cover approximately 45% of the code of the OWTF Framework. <==> Alessandro Fanio Gonzalez (@alessandrofg)
+ Added support for test coverage reports and test logs in HTML. <==> Alessandro Fanio Gonzalez (@alessandrofg)
+ Spawning multiple processes on the basis of targets and then handling the input, stopping of the targets <==> Ankush Jindal (@ankushjindal278)
+ Centralized log function <==> Ankush Jindal (@ankushjindal278)
+ Generic messaging system with pull and push facility differently and database handler to use messaging for DB transaction in multiprocessing <==> (@ankushjindal278)
+ Draft inbound proxy is replaced by a new inbound proxy <==> Bharadwaj Machiraju (@tunnelshade)
+ Inbound proxy is capable of caching and saving the transactions <==> Bharadwaj Machiraju (@tunnelshade)
+ Inbound proxy is capable of cookie filters. <==> Bharadwaj Machiraju (@tunnelshade)