Security/Meetings/Automation/2014-02-04
From MozillaWiki
< Security | Meetings | Automation
Agenda
- status updates
- discussions
Zest examples
- https://github.com/mozilla/zest/wiki/exampleBodgeitRegXSS
- https://github.com/mozilla/zest/blob/master/examples/BodgeIt_Register_XSS.zst
Yara example:
Status Updates
- freddyb
- bugfixing, yay \\o \o/ o//
- mgoodwin
- DOM XSS testcase generator
- More work on lyrefuzz harness (lots of problems with webdriver - in process of rewriting)
- psiinon
- ZAP plugable reports plus misc stuff
- Prep for Oracle webcast and StudentHack
- ZAP 2.3 planned for mid feb http://code.google.com/p/zaproxy/issues/list?q=label:Version-2.3.0
- ZAP 2 hour course? OWASP Austin
- GSoC 2014!
- ulfr
- Cipherscan
- new version supports STARTTLS and CHACHA20
- https://github.com/jvehent/cipherscan
- https://chromium.googlesource.com/chromium/deps/openssl/
- chrome to move from NSS to openssl in the future https://docs.google.com/a/mozilla.com/document/d/1ML11ZyyMpnAr6clIAwWrXD53pQgNR-DppMYwt9XvE6s/edit#heading=h.kppc0tyfzf0n
- MIG
- lots of work on action format with kang
- is this self explanatory? https://dpaste-bkero.paas.allizom.org/E2IY
- ideas for a conditional syntax: if CHECK1 and CHECK2 or CHECK3 or CHECK 1 and CHECK3
- JSON logging standard
- Cipherscan
- dchan
- jeff
- arroway: