ABCDEFGHIJKLMNOPQRSTUVWXYZ
1
Project NameProject Leader's AnswerProject Manager
- Proposed action to be taken 		Global Projects Committee
- Action to be taken		Project LinkProject LeaderEmail AddressMailing listNotes
2
3
1OWASP AIR Security Project1) I am currently leading the OWASP AIR Security Project
2) If volunteers want to assist, then they are always welcome to assist. However, I currently do not require additional resources.
3) I would like the project to remain open.		Nonehttps://www.owasp.org/index.php/Category:OWASP_AIR_Security_ProjectPeleus Uhleypuhley@adobe.com
4
5
2OWASP AJAX Security Project1. Rohini Sulatycki said "I don't think that I have the time to lead it and
am happy to hand it over to someone else.

2. Anurag Agarwal wants to assume the project's leadership.		Give leadership to Anurag Agarwal Give leadership to Anurag Agarwal https://www.owasp.org/index.php/Category:OWASP_AJAX_Security_ProjectRohini Sulatyckirohini_sulatycki@yahoo.comowasp-ajax@lists.owasp.orgThe leadership was given to Anurag Agarwal (18 June 09)
6
7
3OWASP Application Security Assessment Standards ProjectNoneClassify as orphan or archiveNEED new Leaderhttps://www.owasp.org/index.php/Category:OWASP_Application_Security_Assessment_Standards_ProjectCliff Barlowcbarlow@korelogic.comowasp-appsec-standards@lists.owasp.org
8
9
4OWASP Application Security Metrics Project1. None
2. All,

I've been put into contact with Jeff Barto who is interested in contributing to the OWASP Application Security Metrics Project. The project was declared orphaned earlier. Jeff is willing to take up the leadership of this project. See Jeff's vision in the thread below.

I'd like to add discussion of changing leaders to the agenda to tonight's meeting (http://www.owasp.org/index.php/GPC_Agenda_2009-08-03).

-Jason
Give leadership to Jeff BartoGive leadership to Jeff Bartohttps://www.owasp.org/index.php/Category:OWASP_Application_Security_Metrics_ProjectBob Austinaustinb@korelogic.comowasp-metrics@lists.owasp.org
10
11
5OWASP AppSec FAQ ProjectNoneClassify as orphan or archiveNEED new Leaderhttps://www.owasp.org/index.php/Category:OWASP_AppSec_FAQ_ProjectSangita Pakalaappsecfaq@owasp.org
12
13
6OWASP Career Development ProjectNoneClassify as orphan or archiveNEED new Leaderhttps://www.owasp.org/index.php/Category:OWASP_Career_Development_ProjectLee.Kushnerowasp-careers@lists.owasp.org
14
15
7OWASP Certification Criteria ProjectNoneClassify as orphan or archiveNEED new Leaderhttps://www.owasp.org/index.php/Category:OWASP_Certification_Criteria_ProjectLarry? Alison?larry.casey@owasp.orgowasp-webcert@lists.owasp.org
16
17
8OWASP Communications ProjectNoneClassify as orphan or archiveNEED new Leaderhttps://www.owasp.org/index.php/Category:OWASP_Communications_ProjectNeil Rerupnrerup@pdbsec.comowasp-communications@lists.owasp.org
18
19
9OWASP Corporate Application Security Rating GuideI am not able to work on the application security guide as I am working long hours at work.
Request you to do whatever the committee thinks is best for the project.		Classify as orphan or archiveNEED new Leaderhttps://www.owasp.org/index.php/OWASP_Corporate_Application_Security_Rating_GuideParvathy Iyerparvathy_iyer@yahoo.comhttps://lists.owasp.org/mailman/listinfo/owasp-corporate-application-security-rating-guide
20
21
10OWASP CRM ProjectNoneNone - The project has been set up recently - less than 3 months.https://www.owasp.org/index.php/Category:OWASP_CRM_ProjectTom Brennantomb@owasp.orgowasp-crm-project@lists.owasp.org
22
23
11OWASP Education Projectsorry for the late reply.
Martin will take over as project leader!
thx
Seba		Replace Seba/Martin https://www.owasp.org/index.php/Category:OWASP_Education_ProjectSeba Deleersnyderseba@owasp.orgowasp-education@lists.owasp.org
24
25
12OWASP Encoding ProjectNoneClassify as orphan or archiveNEED new Leaderhttps://www.owasp.org/index.php/Category:OWASP_Encoding_ProjectMichael Eddingtonowasp-encoding@lists.owasp.org
26
27
13ESAPI SwingsetHi Paulo,

This is really part of the ESAPI project and it is active. Can we just merge?
Mergehttps://www.owasp.org/index.php/ESAPI_SwingsetJeff Williamsjeff.williams@owasp.org
28
29
14OWASP Flash Security ProjectNone.
Peleus Uhley (project's contributor) wrote:
> I noticed that OWASP has labeled the Flash Security project as
> orphaned and I am writing to see what I can do to change its status.
> A few months ago I sent in the GPC surveys for both the Flash and AIR
> security projects. Is the project considered orphaned because Stefano
> DiPaola is stepping down from being its lead? If so, then I will
> volunteer to take over as lead on the project. I have been doing most
> of the updates over the last few months, anyway. Let me know what you
> need.
>
> Thanks, -Peleus
Stefano Di Paola by Peleus UhleyI'm not sure if I'm remembering this 100% accurately but I believe your
reasoning is correct about why those projects were listed as orphaned.

How to change the leadership from Stephano to you? Generally, I'd
say "Send an email to Paulo Coimbra, the GPC's best friend and
general project manager for OWASP". But, I've sent this email to him
as well so he should be able to let you know the next steps.

Thanks for stepping up and volunteering to help OWASP!

-- Matt Tesauro
https://www.owasp.org/index.php/Category:OWASP_Flash_Security_ProjectStefano Di Paolastefano.dipaola@mindedsecurity.com
30
31
15OWASP Fuzzing Code Database1. None because hasn't been contacted
2. Wganer Elias volunteered to assume the lead		Hand out the leadership to Wagner EliasGPC has hand out the leadership to Wagner Eliashttps://www.owasp.org/index.php/Category:OWASP_Fuzzing_Code_DatabaseNot known Not known Not known
32
33
16OWASP Honeycomb ProjectThe Honeycomb project was incorporated by ASDR, so this project doesn't
exists no more. Its main page may be forwarded to ASDR main page.		Leonardo has implemented his own suggestion.
No action needs to be taken.		https://www.owasp.org/index.php/Category:OWASP_Honeycomb_ProjectLeonardo Militellileonardocavallari@gmail.comowasp-honeycomb@lists.owasp.org
34
35
17OWASP Insecure Web App Projecthttps://www.owasp.org/index.php/Category:OWASP_Insecure_Web_App_ProjectLawrence AngraveNot KnownTo contact Laurence Casey who has been updating the wiki page
36
37
18OWASP Interceptor ProjectHI Paulo,
So things have been extremely busy with me on the personal/business front and i haven’t had much time for OWASP (unfortunately) especially after the time that went into the owasp conf in AU..

Anyhow the interceptor project is mine, it’s something i did a while ago i have the source code (it requires paid binaries) hence why the source isn’t online.. I was going to use some money from the previous (soc) as you know i pulled out due to time constraints..

Unfortunately due to some health/personal issues i am not going to have much time for at least the next few months..
Happy for someone to take over the project if they wish.. I do get alot of requests for assistance from the tool, but get to the responses when i can.

Cheers
Justin		??????Leonardo's answer: IMHO, this is the type of project that we should avoid sponsor for this or any SoC.
The link for project file is not working. It`s free for use, but there`s no source code available and "it requires paid binaries", that is totally against OWASP principles.

I dont know if there is any other project on the same situation, but if so, we should cut them off from SoC.
Best,
Leo

Dinis: If this is true, this should NOT BE an OWASP project		https://www.owasp.org/index.php/Category:OWASP_Interceptor_ProjectJustin Derryjderry@owasp.orgowasp-interceptor-project@lists.owasp.org
38
39
19OWASP JBroFuzzYes. I am the project lead on this project; for the last time, due to contractual obligations, I do not advertise my name on the project page and use the alias subere instead.Needs support to find reviewers.
Maybe can wait and use the new assessment criteria.		https://www.owasp.org/index.php/Category:OWASP_JBroFuzzYiannis Pavlosoglousubere@uncon.orgowasp-jbrofuzz@lists.owasp.org
40
41
20OWASP Jobs ProjectI've completely abandoned OWASP.
I didn't do anything with the jobs project before I bailed out.		To archive or classify as orphanNEED new Leaderhttps://www.owasp.org/index.php/Category:OWASP_Jobs_ProjectAndy Lewisalewis@owasp.orgowasp-jobs-project@lists.owasp.org
42
43
21OWASP Joomla Vulnerability Scanner ProjectRight before finishing my OWASP Joomla Vulnerability Scanner projects, I got some jobs and got busy. Now I've finished coding it.
I now send it to my 1st, 2nd and board member for review.
Thank you so much for your letting me know.		None. Has been set up less than three monthshttps://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_ProjectAung Khantaungkhant@yehg.netowasp-joomla-vulnerability-scanner@lists.owasp.org
44
45
22OWASP LAPSE ProjectNone (Project Leader, Benjamim)

(Mike Boberski) GPC, does anyone have a copy of the source for either
the last contributed version of LAPSE, or the latest version on the
Stanford website? I sent an email to the last known POC (Benjamin),
no response.

It would be handy for me to have a tool to support interactively
highlighting paths between suspected sources and sinks while
performing a manual review. E.g., double-click on a variable,
and have not just instances of that variable highlight, but then after
an assignment, highlight the assigned variable (which is now tainted), etc.

I would like to examine the source to determine if I can bend it with
relative ease for my purposes (add an on-click event type interface,
add a custom languge interface to highlight configurable sets of keywords,
strip out the detection/classification rules, make it work with PHP). If so
I may then volunteer to become the project lead, that would be my
project roadmap.

Best,

Mike B.
Mike,

I have also contacted Benjamin Livshits without being answered back.
If you ultimately decide to adopt the
http://www.owasp.org/index.php/Category:OWASP_LAPSE_Project
please give us a heads-up.

Thanks,

NEED new Leaderhttps://www.owasp.org/index.php/Category:OWASP_LAPSE_ProjectBenjamin Livshitslivshits@cs.stanford.edu
46
47
23OWASP LiveCD Education ProjectNoneRedirect to live CD https://www.owasp.org/index.php/Category:OWASP_LiveCD_Education_ProjectJosh Sweeneyspyroinc@gmail.comowasp-live-cd-education@)lists.owasp.org
48
49
24OWASP Logging Project1. None
2. Marc Chisinevski volunteered to assume the leadership		Hand out the leadership to Marc Chisinevski GPC handed out the leadership to Marc Chisinevski https://www.owasp.org/index.php/Category:OWASP_Logging_ProjectAnthony Laianthonylai@owasp.orgowasp-logging@lists.owasp.org
50
51
25OWASP MutillidaeNoneNone. Has been set up less than three monthshttps://www.owasp.org/index.php/Category:OWASP_MutillidaeAdrian Crenshawirongeek@irongeek.comowasp-mutillidae@lists.owasp.org
52
53
26OWASP OpenSign Server ProjectNoneNone. Has completed its SoC 08 phase less than 3 months ago.https://www.owasp.org/index.php/Category:OWASP_OpenSign_Server_ProjectPhil Potiskphilipp_p@gmx.atOwasp-OpenSign-Server-Project@lists.owasp.org
54
55
27OWASP Oracle ProjectNone because hasn't been contacted ????????https://www.owasp.org/index.php/Category:OWASP_Oracle_ProjectMarinus J. KuivenhovenNot KnownNot Known
56
57
28OWASP Pantera Web Assessment Studio ProjectNoneTo archive or classify as orphanNEED new Leaderhttps://www.owasp.org/index.php/Category:OWASP_Pantera_Web_Assessment_Studio_ProjectSimon R. Femerlingpantera.proxy@gmail.comowasp-pantera@lists.owasp.org
58
59
29OWASP PHP AntiXSS Library ProjectNoneTo archive or classify as orphanNEED new Leaderhttps://www.owasp.org/index.php/Category:OWASP_PHP_AntiXSS_Library_ProjectAndrew van der Stockvanderaj@owasp.org
60
61
30OWASP PHP Project1. Are you currently leading the
https://www.owasp.org/index.php/Category:OWASP_PHP_Project? If not, can you provide the name of the new lead?
Yes I am.

2. Do you or the new lead require assistance either with the technical aspects of your project, or with leading it?
Currently I don't require any assistance.
The project has been dormant for some time, however I do have a lot of documentation that I have created locally (on my PC) and will migrate to the the wiki in the near future.

the project can be marked as in-development, or 'starting phase', however please do not retire/decomission the project entirely.		Assist the project leader with the documentation's migration.https://www.owasp.org/index.php/Category:OWASP_PHP_ProjectSerg Belokamenserg@owasp.orgowasp-php@lists.owasp.org
62
63
31OWASP Report GeneratorMark Roxberry has volunteered to assume the leadershipGive leadership to Mark Roxberryhttps://www.owasp.org/index.php/ORG_(Owasp_Report_Generator)Dinis Cruz
Mike de Libero 		dinis.cruz@owasp.org
medelibero@gmail.com		The leadership was given to Mark Roxberry
64
65
32OWASP Scholastic Application Security Assessment ProjectI have no time or interest in continuing this project.To archive or classify as orphanNEED new Leaderhttps://www.owasp.org/index.php/Category:OWASP_SASAP_ProjectEric Sheridan
Goran Trajkovski		eric.sheridan@aspectsecurity.com
gtrajkovski@southuniversity.edu
66
67
33OWASP Security Spending BenchmarksYes, the project is still very much active under my leadership.
We do not require any technical assistance at the moment but I will let you know if that changes.		Nonehttps://www.owasp.org/index.php/Category:OWASP_Security_Spending_BenchmarksBoaz Gelbordboaz.gelbord@owasp.org
68
69
34OWASP SiteGeneratorNoneTo archive or classify as orphanNEED new Leaderhttps://www.owasp.org/index.php/Owasp_SiteGeneratorMike de Libero
Abby Levenberg		medelibero@gmail.com
leven101@gmail.com
70
71
35OWASP Source Code Review OWASP Projects ProjectNoneArchiveAsk Eoin to see if they want to take this content (if not archive it) & Dan Cornelhttps://www.owasp.org/index.php/Category:OWASP_Source_Code_Review_OWASP_Projects_ProjectJames Waldenwaldenj1@nku.eduOWASP-SCode-Review-OWASP-Projects@lists.owasp.org
72
73
36OWASP Speakers ProjectSebastien has invited Martin Knobloch to assume the project's
leadership and he has accepted. 		Nonehttps://www.owasp.org/index.php/Category:OWASP_Speakers_ProjectMartin Knoblochmartin.knobloch@owasp.orgNot known
74
75
37OWASP SQLiX ProjectNoneTo archive or classify as orphanNEED new Leaderhttps://www.owasp.org/index.php/Category:OWASP_SQLiX_ProjectCedric Cochincedric.cochin@gmail.comowasp-sqlix@lists.owasp.org
76
77
38OWASP Stinger ProjectHas sent a file with the content to fill in the Jason's questionnaire.
I wasn't able to open it up and asked the project leader to fill in the form.		Nonehttps://www.owasp.org/index.php/Category:OWASP_Stinger_ProjectWesley WestWesley.M.West@ge.comowasp-stinger@lists.owasp.org
78
79
39OWASP SWAAT ProjectHello Josiah,

My name is Tom Aratyn and I’m the lead software developer at Security Compass. Thank you for letting us know about the broken link. We recently updated our website (as well as launching our Labs initiative at http://labs.securitycompass.com) and unfortunately those files got misplaced for a bit.

I also wanted to let you know that Security Compass is no longer actively developing SWAAT however we hope that you find it a useful tool and that it helps you.

(...)
All the best,

Tom Aratyn
Software Developer, Security Compass

2. Suresh Ranganathan has volunteered to lead the project (16/06/2010) 		To archive or classify as orphanhttps://www.owasp.org/index.php/Category:OWASP_SWAAT_ProjectTom Aratyn tom@securitycompass.comLast time actualized: 9 March 2009 by the user "Themystic"
80
81
40OWASP TigerNone because hasn't been contacted ????????https://www.owasp.org/index.php/OWASP_TigerBoris Maletic
Dinis Cruz		Not Known
dinis.cruz@owasp.org		To see whether or not Dinis has B. Maletic email address
82
83
41OWASP Tools Project1. None because hasn't been contacted.
2. Vishal Garg has volunteered to lead the project
Give leadership to Vishal Garg
https://www.owasp.org/index.php/Category:OWASP_Tools_ProjectLarry SutoNot knownHas the mention to contact Tom Brennan - tomb@owasp.org
84
85
42OWASP Validation ProjectNone because hasn't been contacted ????????https://www.owasp.org/index.php/Category:OWASP_Validation_ProjectNot knownNot knownowasp-validation@lists.owasp.orgHas the mention to contact Eric Sheridan eric.sheridan@aspectsecurity.com
86
87
43OWASP Vicnum ProjectYes it is active. We have made several updates on sourceforge and have prepared prizos for owasp events.
But I could always use a technical contact. Do you have any suggestions ?		None. I will contact project lead to ask about the "technical contact"https://www.owasp.org/index.php/Category:OWASP_Vicnum_ProjectMordecai Krausharmordecai@ciphertechs.comowasp-vicnum-project@lists.owasp.org
88
89
44OWASP Web 2.0 ProjectNone because hasn't been contacted ????????https://www.owasp.org/index.php/Category:OWASP_Web_2.0_ProjectNot knownNot knownNot knownThe last update was made in 6 July 2007 by Dharmeshmm
dharmeshmm@gmail.com
90
91
45OWASP Web Application Scanner Specification ProjectNoneNone. Has been set up less than three monthshttps://www.owasp.org/index.php/Category:OWASP_Web_Application_Scanner_Specification_ProjectCorey LeBleucoreylebleu@gmail.comowasp-web-app-scanner-specification-project@lists.owasp.org
92
93
46OWASP Web Application Security Metric using Attack Patterns ProjectNoneNone. Has been set up less than three monthshttps://www.owasp.org/index.php/Category:OWASP_Web_Application_Security_Metric_using_Attack_Patterns_ProjectRaja Krovirskrovi@rediff.comowasp-web-application-security-metric@lists.owasp.org
94
95
47OWASP Web Application Security Put Into PracticeHi Paulo,
I don't know how to go about this, some time back we decided to rename it to "Ruby on Rails Security Guide", so I guess this one is outdated. The new one "Ruby on Rails Security Guide" is actively maintained as stated in the Google spreadsheet.
Best regards,
Heiko.		To archive and redirecthttps://www.owasp.org/index.php/Category:OWASP_Web_Application_Security_Put_Into_PracticeHeiko Webersheikowebers@gmx.net
96
97
48OWASP Web Services Security Project1. None
2. Subu Ramanathan has volunteered to lead the project		Give leadership to Subu RamanathanNEED new Leaderhttps://www.owasp.org/index.php/Category:OWASP_Web_Services_Security_ProjectSahba Kazerooni
Nish Bhalla		sahba@securitycompass.com
98
99
49OWASP Webekci ProjectYes I'm leading this project.
2. Do you or the new lead require assistance either with the technical aspects of your project, or with leading it?
I'm about to release the project'ss second version. I may need the technical assistance you mentioned after the second release. Do I have any chance to fill the 2009 elf Update Survey?		I will answer asking about the technical assistance and sending off the linkhttps://www.owasp.org/index.php/Category:OWASP_Webekci_ProjectBünyamin Demirbunyamin@owasp.org
100