Secure Coding mailing list archives
Fwd: [Owasp-igoat-project] OWASP iGoat version 2.0 RELEASED!!!
From: "Kenneth R. van Wyk" <ken () krvw com>
Date: Tue, 26 Feb 2013 14:56:29 -0500
Greetings SC-L, For all of you who are interested in mobile app sec (or interested in learning more about it), we released OWASP iGoat version 2.0 today. See the details in our announcement below. Cheers, Ken van Wyk Begin forwarded message:
From: "Kenneth R. van Wyk" <ken () krvw com> Subject: [Owasp-igoat-project] OWASP iGoat version 2.0 RELEASED!!! Date: February 26, 2013 2:48:48 PM EST To: "owasp-igoat-project () lists owasp org" <owasp-igoat-project () lists owasp org> OWASP iGoat Project: Thanks to iGoat lead developer, Sean Eidemiller, it gives me great pleasure to announce the immediate release of OWASP iGoat version 2.0! See the project web site at: https://www.owasp.org/index.php/OWASP_iGoat_Project for more information, or go directly to the source repository to download at: http://code.google.com/p/owasp-igoat/ The OWASP iGoat tool is a stand-alone iOS app (distributed solely in source code) designed to introduce iOS developers to many of the security pitfalls that plague poorly-written apps. Like its namesake, OWASP's WebGoat tool, iGoat is intended to teach software developers about these issues by stepping them through a series of exercises, each of which focuses on a single aspect of iOS security. OWASP iGoat is an ideal tool to use in a classroom setting to teach iOS developers (and technically minded IT Security staff with at least some exposure to object oriented programming). Exercises include many typical problem issues (and their solutions) including: - Securing sensitive data in transit - Securing sensitive data at rest - Securely connecting to back-end authentication services - Side channel data leakage (e.g., system screen shots, cut-and-paste, and keystroke logging via the autocorrection feature) - Making use of the system keychain to store small amounts of consumer-grade sensitive data New to version 2.0: - iGoat is now a true Universal app, so it builds and runs on iPhones, iPod Touches, as well as iPads. Full screen views are supported on all of these devices. (It also runs on the iPhone simulator included with XCode, of course -- which is ideal for a classroom environment.) - A few "behind the scenes" improvements were made to the iGoat platform itself, making it easier to work with and develop new exercises. These include: o Storyboards for main screen navigation. o ARC support for object memory management. - General code clean-ups. Requirements: To build and run iGoat, you'll need a Mac running OS X (real or virtual machine), with XCode installed. iGoat was built for Mountain Lion, but should run fine on any OS X newer than Snow Leopard. We recommend the latest XCode and built iGoat using XCode version 4.6. Similarly, iGoat was built on iOS 6.1, but should be backwards compatible with at least version 5.x. We invite the OWASP community to download and try iGoat, and we welcome your suggestions for improvements. We're always looking for willing participants to contribute to the project as well! Cheers, Ken van Wyk OWASP iGoat Project Leader _______________________________________________ Owasp-igoat-project mailing list Owasp-igoat-project () lists owasp org https://lists.owasp.org/mailman/listinfo/owasp-igoat-project
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Secure Coding mailing list (SC-L) SC-L () securecoding org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
Current thread:
- Fwd: [Owasp-igoat-project] OWASP iGoat version 2.0 RELEASED!!! Kenneth R. van Wyk (Feb 26)