PaulDotCom mailing list archives
Need a name for a project (teaching app for web security)
From: herrasher at gmail.com (Kennith Asher)
Date: Wed, 25 Feb 2009 21:01:59 -0800
How about CHASM as in the gaping holes in security of the application. I'm sure there are plenty of opportunities to spell out the acronym humorously. I like 'CEOs Hate All this Security Mumbojumbo' or 'Crenshaw's Hole-filled Application for Security Mastery' Ken 2009/2/25 Adrian Crenshaw <irongeek at irongeek.com>
Ah, I see you looked up CowKiller. :) Some are very pretty bugs. Adrian On Wed, Feb 25, 2009 at 5:39 PM, Rob Fuller <jd.mubix at gmail.com> wrote:http://en.wikipedia.org/wiki/Mutillidae 2009/2/25 Adrian Crenshaw <irongeek at irongeek.com>:Awhile back I wrote an article on deliberately insecure web applicationshttp://www.irongeek.com/i.php?page=security/deliberately-insecure-web-applications-for-learning-web-app-securityNow I want to write my own for a class I plan to teach, and release it online. I plan to do it all in PHP and make it easy to use with Xampp. For the sake if teaching core concepts, I plan to implement the OWASPTop 10vulnerabilities . Here are the core goals: 1. Make the code and examples simple to understand to get the pointacross.With some of the stuff in Webgoat it is s a little hard to figure outwhatthey want. My app won't be very realistic, but it should illustrate the concepts. 2. Be geared in such a way that it's easy to update. 3. Easy to install and run (I plan to distribute it with XAMMP). 4. When folks find bugs in my crappy code, I can legitimately say it's a feature. I'm leaning towards the name: CowKiller: Oh, What A Shitty Program A CowKiller is a type of WASP, and the 2nd part is a double acronym. Any better ideas for naming it? Adrian _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090225/7b0ddb9a/attachment.htm
Current thread:
- Need a name for a project (teaching app for web security) Adrian Crenshaw (Feb 25)
- Need a name for a project (teaching app for web security) iamnowonmai (Feb 25)
- Need a name for a project (teaching app for websecurity) infolookup at gmail.com (Feb 25)
- Need a name for a project (teaching app for websecurity) Adrian Crenshaw (Feb 25)
- Need a name for a project (teaching app for web security) Rob Fuller (Feb 25)
- Need a name for a project (teaching app for web security) Adrian Crenshaw (Feb 25)
- Need a name for a project (teaching app for web security) Kennith Asher (Feb 25)
- Need a name for a project (teaching app for web security) Adrian Crenshaw (Feb 26)
- Need a name for a project (teaching app for web security) iamnowonmai (Feb 26)
- Need a name for a project (teaching app for web security) Adrian Crenshaw (Feb 26)
- Need a name for a project (teaching app for web security) Adrian Crenshaw (Feb 27)
- Need a name for a project (teaching app for web security) Adrian Crenshaw (Feb 25)