OWASP Bangalore : OWTF demo : 13 Dec 2014


This slide deck was used as part of the OWASP OWTF demo session during the combined monthly meet for OWASP, null, and Garage4Hackers.


  1. OWASP OWTF
     - Anant Shrivastava
  2. OWTF
  3. O.W.T.F.
  4. Offensive Web Testing Framework
  5. Who am I
     - Anant Shrivastava
     - Information Security Consultant
     - OWASP + G4H + null
     - http://anantshri.info
     - @anantshri
  6. Agenda
     - What is OWTF
     - OWTF Demo
     - Things not covered
     - How to Contribute
  7. Offensive Web Testing Framework
  8. Need of W.T.F.
     - Automated pentest operations
     - Organize findings as per standard
     - Standard could be OWASP, NIST or others
     - Custom notes and rankings
     - Identify type of execution: passive, active
  9. History
     - We started out as a way to run OWASP tests without accessing the website directly, i.e. via indirect / passive ways.
     - Written in Python by Abraham (@7a_)
     - One of the most active OWASP projects (alongside ZAP and TestingGuide)
  10. U. S. P.
     - Automated task execution
     - Single dashboard
     - Result aggregation (in future, correlation)
     - Raw tools output available
     - Single point dashboard for all data
     - Control tasks: pause and resume
  11. HOW
  12. But it's primarily a DEMO
  13. So let's launch the demo parts first.
  14. Project hosted at http://github.com/owtf/owtf
  15. Officially supports KALI LINUX & Samurai WTF
  16. Demo Setup
     1. Kali machine with OWTF configured on it
     2. scan: http://demo.testfire.net
     3. scan: http://testasp.vulnweb.com
  17. Basic setup
     - git clone http://github.com/owtf/owtf.git
     - cd owtf
     - python2 install/install.py
  18. DEMO
  19. Development
  20. Not covered
     - OWTF botnetmode
     - OWTF inbuilt proxy
     - OWTF PlugnHack support
     - OWTF WAF Bypasser and other plugins
  21. Contribute?
     - GSoC
     - Winter of Code
     - Just Code
     - Issue tracker comments on GitHub page
  22. Useful links
     1. http://owtf.org
     2. http://github.com/owtf/owtf
     3. Video demos @ YouTube (owtfproject)
     4. http://bit.ly/owtf-demo-lionheart
  23. Social Connect
     - Twitter: @owtfp
     - Freenode IRC: #owtf
  24. Any Questions?
  25. Slide credits
     - Not all slides were mine. Credits to @tunnelshade_ and @7a_ for some slides.
  26. Thank You
