|Project Name||Project Leader's Answer||Project Manager|
- Proposed action to be taken
|Global Projects Committee|
- Action to be taken
|Project Link||Project Leader||Email Address||Mailing list||Notes|
|1||OWASP AIR Security Project||1) I am currently leading the OWASP AIR Security Project|
2) If volunteers want to assist, then they are always welcome to assist. However, I currently do not require additional resources.
3) I would like the project to remain open.
|2||OWASP AJAX Security Project||1. Rohini Sulatycki said "I don't think that I have the time to lead it and |
am happy to hand it over to someone else.
2. Anurag Agarwal wants to assume the project's leadership.
|Give leadership to Anurag Agarwal||Give leadership to Anurag Agarwal||https://www.owasp.org/index.php/Category:OWASP_AJAX_Security_Project||Rohini Sulatyckifirstname.lastname@example.orgemail@example.com||The leadership was given to Anurag Agarwal (18 June 09)|
|3||OWASP Application Security Assessment Standards Project||None||Classify as orphan or archive||NEED new Leader||https://www.owasp.org/index.php/Category:OWASP_Application_Security_Assessment_Standards_Project||Cliff Barlowfirstname.lastname@example.orgemail@example.com|
|4||OWASP Application Security Metrics Project||1. None|
I've been put into contact with Jeff Barto who is interested in contributing to the OWASP Application Security Metrics Project. The project was declared orphaned earlier. Jeff is willing to take up the leadership of this project. See Jeff's vision in the thread below.
I'd like to add discussion of changing leaders to the agenda to tonight's meeting (http://www.owasp.org/index.php/GPC_Agenda_2009-08-03).
|Give leadership to Jeff Barto||Give leadership to Jeff Barto||https://www.owasp.org/index.php/Category:OWASP_Application_Security_Metrics_Project||Bob Austinfirstname.lastname@example.orgemail@example.com|
|5||OWASP AppSec FAQ Project||None||Classify as orphan or archive||NEED new Leader||https://www.owasp.org/index.php/Category:OWASP_AppSec_FAQ_Project||Sangita Pakalafirstname.lastname@example.org|
|6||OWASP Career Development Project||None||Classify as orphan or archive||NEED new Leader||https://www.owasp.org/index.php/Category:OWASP_Career_Development_Project||Lee.Kushneremail@example.com|
|7||OWASP Certification Criteria Project||None||Classify as orphan or archive||NEED new Leader||https://www.owasp.org/index.php/Category:OWASP_Certification_Criteria_Project||Larry? Alisonfirstname.lastname@example.orgemail@example.com|
|8||OWASP Communications Project||None||Classify as orphan or archive||NEED new Leader||https://www.owasp.org/index.php/Category:OWASP_Communications_Project||Neil Rerupfirstname.lastname@example.orgemail@example.com|
|9||OWASP Corporate Application Security Rating Guide||I am not able to work on the application security guide as I am working long hours at work. |
Request you to do whatever the committee thinks is best for the project.
|Classify as orphan or archive||NEED new Leader||https://www.owasp.org/index.php/OWASP_Corporate_Application_Security_Rating_Guide||Parvathy Iyerfirstname.lastname@example.org||https://lists.owasp.org/mailman/listinfo/owasp-corporate-application-security-rating-guide|
|10||OWASP CRM Project||None||None - The project has been set up recently - less than 3 months.||https://www.owasp.org/index.php/Category:OWASP_CRM_Project||Tom Brennanemail@example.comfirstname.lastname@example.org|
|11||OWASP Education Project||sorry for the late reply.|
Martin will take over as project leader!
|Replace Seba/Martin||https://www.owasp.org/index.php/Category:OWASP_Education_Project||Seba Deleersnyderemail@example.comfirstname.lastname@example.org|
|12||OWASP Encoding Project||None||Classify as orphan or archive||NEED new Leader||https://www.owasp.org/index.php/Category:OWASP_Encoding_Project||Michael Eddingtonemail@example.com|
|13||ESAPI Swingset||Hi Paulo,|
This is really part of the ESAPI project and it is active. Can we just merge?
|14||OWASP Flash Security Project||None.|
Peleus Uhley (project's contributor) wrote:
> I noticed that OWASP has labeled the Flash Security project as
> orphaned and I am writing to see what I can do to change its status.
> A few months ago I sent in the GPC surveys for both the Flash and AIR
> security projects. Is the project considered orphaned because Stefano
> DiPaola is stepping down from being its lead? If so, then I will
> volunteer to take over as lead on the project. I have been doing most
> of the updates over the last few months, anyway. Let me know what you
> Thanks, -Peleus
|Stefano Di Paola by Peleus Uhley||I'm not sure if I'm remembering this 100% accurately but I believe your |
reasoning is correct about why those projects were listed as orphaned.
How to change the leadership from Stephano to you? Generally, I'd
say "Send an email to Paulo Coimbra, the GPC's best friend and
general project manager for OWASP". But, I've sent this email to him
as well so he should be able to let you know the next steps.
Thanks for stepping up and volunteering to help OWASP!
-- Matt Tesauro
|https://www.owasp.org/index.php/Category:OWASP_Flash_Security_Project||Stefano Di Paolafirstname.lastname@example.org|
|15||OWASP Fuzzing Code Database||1. None because hasn't been contacted |
2. Wganer Elias volunteered to assume the lead
|Hand out the leadership to Wagner Elias||GPC has hand out the leadership to Wagner Elias||https://www.owasp.org/index.php/Category:OWASP_Fuzzing_Code_Database||Not known||Not known||Not known|
|16||OWASP Honeycomb Project||The Honeycomb project was incorporated by ASDR, so this project doesn't|
exists no more. Its main page may be forwarded to ASDR main page.
|Leonardo has implemented his own suggestion. |
No action needs to be taken.
|17||OWASP Insecure Web App Project||https://www.owasp.org/index.php/Category:OWASP_Insecure_Web_App_Project||Lawrence Angrave||Not Known||To contact Laurence Casey who has been updating the wiki page|
|18||OWASP Interceptor Project||HI Paulo,|
So things have been extremely busy with me on the personal/business front and i haven’t had much time for OWASP (unfortunately) especially after the time that went into the owasp conf in AU..
Anyhow the interceptor project is mine, it’s something i did a while ago i have the source code (it requires paid binaries) hence why the source isn’t online.. I was going to use some money from the previous (soc) as you know i pulled out due to time constraints..
Unfortunately due to some health/personal issues i am not going to have much time for at least the next few months..
Happy for someone to take over the project if they wish.. I do get alot of requests for assistance from the tool, but get to the responses when i can.
|??????||Leonardo's answer: IMHO, this is the type of project that we should avoid sponsor for this or any SoC.|
The link for project file is not working. It`s free for use, but there`s no source code available and "it requires paid binaries", that is totally against OWASP principles.
I dont know if there is any other project on the same situation, but if so, we should cut them off from SoC.
Dinis: If this is true, this should NOT BE an OWASP project
|19||OWASP JBroFuzz||Yes. I am the project lead on this project; for the last time, due to contractual obligations, I do not advertise my name on the project page and use the alias subere instead.||Needs support to find reviewers. |
Maybe can wait and use the new assessment criteria.
|20||OWASP Jobs Project||I've completely abandoned OWASP. |
I didn't do anything with the jobs project before I bailed out.
|To archive or classify as orphan||NEED new Leader||https://www.owasp.org/index.php/Category:OWASP_Jobs_Project||Andy Lewisemail@example.comfirstname.lastname@example.org|
|21||OWASP Joomla Vulnerability Scanner Project||Right before finishing my OWASP Joomla Vulnerability Scanner projects, I got some jobs and got busy. Now I've finished coding it.|
I now send it to my 1st, 2nd and board member for review.
Thank you so much for your letting me know.
|None. Has been set up less than three months||https://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project||Aung Khantemail@example.comfirstname.lastname@example.org|
|22||OWASP LAPSE Project||None (Project Leader, Benjamim)|
(Mike Boberski) GPC, does anyone have a copy of the source for either
the last contributed version of LAPSE, or the latest version on the
Stanford website? I sent an email to the last known POC (Benjamin),
It would be handy for me to have a tool to support interactively
highlighting paths between suspected sources and sinks while
performing a manual review. E.g., double-click on a variable,
and have not just instances of that variable highlight, but then after
an assignment, highlight the assigned variable (which is now tainted), etc.
I would like to examine the source to determine if I can bend it with
relative ease for my purposes (add an on-click event type interface,
add a custom languge interface to highlight configurable sets of keywords,
strip out the detection/classification rules, make it work with PHP). If so
I may then volunteer to become the project lead, that would be my
I have also contacted Benjamin Livshits without being answered back.
If you ultimately decide to adopt the
please give us a heads-up.
|NEED new Leader||https://www.owasp.org/index.php/Category:OWASP_LAPSE_Project||Benjamin Livshitsemail@example.com|
|23||OWASP LiveCD Education Project||None||Redirect to live CD||https://www.owasp.org/index.php/Category:OWASP_LiveCD_Education_Project||Josh Sweeneyfirstname.lastname@example.org||owasp-live-cd-education@)lists.owasp.org|
|24||OWASP Logging Project||1. None|
2. Marc Chisinevski volunteered to assume the leadership
|Hand out the leadership to Marc Chisinevski||GPC handed out the leadership to Marc Chisinevski||https://www.owasp.org/index.php/Category:OWASP_Logging_Project||Anthony Laiemail@example.comfirstname.lastname@example.org|
|25||OWASP Mutillidae||None||None. Has been set up less than three months||https://www.owasp.org/index.php/Category:OWASP_Mutillidae||Adrian Crenshawemail@example.comfirstname.lastname@example.org|
|26||OWASP OpenSign Server Project||None||None. Has completed its SoC 08 phase less than 3 months ago.||https://www.owasp.org/index.php/Category:OWASP_OpenSign_Server_Project||Phil Potiskemail@example.com||Owasp-OpenSign-Server-Project@lists.owasp.org|
|27||OWASP Oracle Project||None because hasn't been contacted||????????||https://www.owasp.org/index.php/Category:OWASP_Oracle_Project||Marinus J. Kuivenhoven||Not Known||Not Known|
|28||OWASP Pantera Web Assessment Studio Project||None||To archive or classify as orphan||NEED new Leader||https://www.owasp.org/index.php/Category:OWASP_Pantera_Web_Assessment_Studio_Project||Simon R. Femerlingfirstname.lastname@example.orgemail@example.com|
|29||OWASP PHP AntiXSS Library Project||None||To archive or classify as orphan||NEED new Leader||https://www.owasp.org/index.php/Category:OWASP_PHP_AntiXSS_Library_Project||Andrew van der Stockfirstname.lastname@example.org|
|30||OWASP PHP Project||1. Are you currently leading the|
https://www.owasp.org/index.php/Category:OWASP_PHP_Project? If not, can you provide the name of the new lead?
Yes I am.
2. Do you or the new lead require assistance either with the technical aspects of your project, or with leading it?
Currently I don't require any assistance.
The project has been dormant for some time, however I do have a lot of documentation that I have created locally (on my PC) and will migrate to the the wiki in the near future.
the project can be marked as in-development, or 'starting phase', however please do not retire/decomission the project entirely.
|Assist the project leader with the documentation's migration.||https://www.owasp.org/index.php/Category:OWASP_PHP_Project||Serg Belokamenemail@example.comfirstname.lastname@example.org|
|31||OWASP Report Generator||Mark Roxberry has volunteered to assume the leadership||Give leadership to Mark Roxberry||https://www.owasp.org/index.php/ORG_(Owasp_Report_Generator)||Dinis Cruz|
Mike de Libero
|The leadership was given to Mark Roxberry|
|32||OWASP Scholastic Application Security Assessment Project||I have no time or interest in continuing this project.||To archive or classify as orphan||NEED new Leader||https://www.owasp.org/index.php/Category:OWASP_SASAP_Project||Eric Sheridan|
|33||OWASP Security Spending Benchmarks||Yes, the project is still very much active under my leadership. |
We do not require any technical assistance at the moment but I will let you know if that changes.
|34||OWASP SiteGenerator||None||To archive or classify as orphan||NEED new Leader||https://www.owasp.org/index.php/Owasp_SiteGenerator||Mike de Libero|
|35||OWASP Source Code Review OWASP Projects Project||None||Archive||Ask Eoin to see if they want to take this content (if not archive it) & Dan Cornel||https://www.owasp.org/index.php/Category:OWASP_Source_Code_Review_OWASP_Projects_Project||James Waldenemail@example.com||OWASP-SCode-Review-OWASP-Projects@lists.owasp.org|
|36||OWASP Speakers Project||Sebastien has invited Martin Knobloch to assume the project's |
leadership and he has accepted.
|None||https://www.owasp.org/index.php/Category:OWASP_Speakers_Project||Martin Knoblochfirstname.lastname@example.org||Not known|
|37||OWASP SQLiX Project||None||To archive or classify as orphan||NEED new Leader||https://www.owasp.org/index.php/Category:OWASP_SQLiX_Project||Cedric Cochinemail@example.comfirstname.lastname@example.org|
|38||OWASP Stinger Project||Has sent a file with the content to fill in the Jason's questionnaire. |
I wasn't able to open it up and asked the project leader to fill in the form.
|39||OWASP SWAAT Project||Hello Josiah, |
My name is Tom Aratyn and I’m the lead software developer at Security Compass. Thank you for letting us know about the broken link. We recently updated our website (as well as launching our Labs initiative at http://labs.securitycompass.com) and unfortunately those files got misplaced for a bit.
I also wanted to let you know that Security Compass is no longer actively developing SWAAT however we hope that you find it a useful tool and that it helps you.
All the best,
Software Developer, Security Compass
2. Suresh Ranganathan has volunteered to lead the project (16/06/2010)
|To archive or classify as orphan||https://www.owasp.org/index.php/Category:OWASP_SWAAT_Project||Tom Aratynemail@example.com||Last time actualized: 9 March 2009 by the user "Themystic"|
|40||OWASP Tiger||None because hasn't been contacted||????????||https://www.owasp.org/index.php/OWASP_Tiger||Boris Maletic|
|To see whether or not Dinis has B. Maletic email address|
|41||OWASP Tools Project||1. None because hasn't been contacted.|
2. Vishal Garg has volunteered to lead the project
|Give leadership to Vishal Garg||https://www.owasp.org/index.php/Category:OWASP_Tools_Project||Larry Suto||Not known||Has the mention to contact Tom Brennan - firstname.lastname@example.org|
|42||OWASP Validation Project||None because hasn't been contacted||????????||https://www.owasp.org/index.php/Category:OWASP_Validation_Project||Not known||Not email@example.com||Has the mention to contact Eric Sheridan firstname.lastname@example.org|
|43||OWASP Vicnum Project||Yes it is active. We have made several updates on sourceforge and have prepared prizos for owasp events.|
But I could always use a technical contact. Do you have any suggestions ?
|None. I will contact project lead to ask about the "technical contact"||https://www.owasp.org/index.php/Category:OWASP_Vicnum_Project||Mordecai Krausharemail@example.comfirstname.lastname@example.org|
|44||OWASP Web 2.0 Project||None because hasn't been contacted||????????||https://www.owasp.org/index.php/Category:OWASP_Web_2.0_Project||Not known||Not known||Not known||The last update was made in 6 July 2007 by Dharmeshmm|
|45||OWASP Web Application Scanner Specification Project||None||None. Has been set up less than three months||https://www.owasp.org/index.php/Category:OWASP_Web_Application_Scanner_Specification_Project||Corey LeBleuemail@example.comfirstname.lastname@example.org|
|46||OWASP Web Application Security Metric using Attack Patterns Project||None||None. Has been set up less than three months||https://www.owasp.org/index.php/Category:OWASP_Web_Application_Security_Metric_using_Attack_Patterns_Project||Raja Kroviemail@example.comfirstname.lastname@example.org|
|47||OWASP Web Application Security Put Into Practice||Hi Paulo,|
I don't know how to go about this, some time back we decided to rename it to "Ruby on Rails Security Guide", so I guess this one is outdated. The new one "Ruby on Rails Security Guide" is actively maintained as stated in the Google spreadsheet.
|To archive and redirect||https://www.owasp.org/index.php/Category:OWASP_Web_Application_Security_Put_Into_Practice||Heiko Webersemail@example.com|
|48||OWASP Web Services Security Project||1. None|
2. Subu Ramanathan has volunteered to lead the project
|Give leadership to Subu Ramanathan||NEED new Leader||https://www.owasp.org/index.php/Category:OWASP_Web_Services_Security_Project||Sahba Kazerooni|
|49||OWASP Webekci Project||Yes I'm leading this project.|
2. Do you or the new lead require assistance either with the technical aspects of your project, or with leading it?
I'm about to release the project'ss second version. I may need the technical assistance you mentioned after the second release. Do I have any chance to fill the 2009 elf Update Survey?
|I will answer asking about the technical assistance and sending off the link||https://www.owasp.org/index.php/Category:OWASP_Webekci_Project||Bünyamin Demirfirstname.lastname@example.org|