As
information security professionals, we conduct security assessments for
companies. One of the biggest problems we have is after all the data
is collected, how can we correlate the data accurately. So we decided
to start a project to solve this problem, and we are calling it Open
Source Security Assessment Management System (OSSAMS). OSSAMS is a
framework for putting configuration files, security scan data files
(like Nessus), and other data collected, during a security assessment or
penetration test, into a RDBMS.
The framework is going to be designed in a fashion similar to Metasploit, SNORT, or other systems that allow the security community to create plugins for new tasks as needed. The primary goal of OSSAMS is to normalize the data, there by allowing the security professional to better assess the current state of security for an organization.
Completed:The framework is going to be designed in a fashion similar to Metasploit, SNORT, or other systems that allow the security community to create plugins for new tasks as needed. The primary goal of OSSAMS is to normalize the data, there by allowing the security professional to better assess the current state of security for an organization.
acunetix, burp, grendel, nessus, netsparker, nexpose community, nikto, nmap, ratproxy, retina community, skipfish, sslscan, w3af, wapiti, watcher, websecurify, zap.
Roadmap:
Appscan, arachni, core impact, fierce, httprint, iss, languard, metasploit, ncircle, nexpose, n-stalker, ntospider, openvas, proxystrike, retina, saint, sandcat, webcruiser, webinspect, wsfuzzer…
Requires:
Python > 2.5;
Python-mysqldb; and
Lxml.
Thank You For Share this article check our website
ReplyDeletecoimbatore immigration consultant