Security/Automation/Winter Of Security 2016/ZAP Form Handling: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
(Skeleton of document created)
Line 2: Line 2:
== Team ==
== Team ==
=== Introduction ===
=== Introduction ===
Our team is comprised of three enthusiastic Information Technology students who attend Arizona State University's Polytechnic Campus. All of us have a focus area in Network Administration and Security, and an interest to learn about all different aspects of the IT industry. As part of our Senior Capstone course we are required to pick a project that spans two semesters, that will demonstrate our collective abilities which we have learned throughout our time in ASU’s program. As a group, we have elected to focus on a security related topic which led us to find Mozilla’s Winter of Security program.
Our team is...


=== Members ===
=== Members ===
* Ryan Wehe
*  
* Christopher Laguna
*  
* Rian Franey
*  
* Professors: Damien Doheny and Dr. Usha Jagannathan
* Professors:  
* Mozilla Advisor: [https://mozillians.org/en-US/u/psiinon/ Simon Bennetts]
* Mozilla Advisor: [https://mozillians.org/en-US/u/mgoodwin/ Mark Goodwin]


== Project ==
== Project ==
=== Description ===
=== Description ===
The ZAP traditional and Ajax spiders explore an application by putting basic default values in all forms. These may often not be valid values, for example using "ZAP" when an email address is required.


The project enhancement would allow the user to define default values based on pattern matching against the field names and/or ids.


=== Success Criteria ===
=== Success Criteria ===
This project is successful if:
This project is successful if:
* User able to specify default values for all forms used by the ZAP spiders
*  
* Display all of the forms and fields for an application and allow the user to update the default values to be used
* Full support for defining default values via the API


Timeframe: March 2017.
Timeframe: March 2017.
Line 29: Line 25:
=== Bi-Week Ending 2016-MM-DD ===
=== Bi-Week Ending 2016-MM-DD ===


Week One (2016-10-17)
Week One (2016-10-)
* Set up ZAP environment.
*
* Successfully made changes to default values used by the ZAP spiders
* Becoming familiar with ZAP's coding
 
Week Three (2016-10-31)
* Built a simple Spider
* Became familiar with HTML parsing and form handling
* Created a value generator interface

Revision as of 15:44, 3 November 2016

WinterOfSecurity logo light horizontal.png

Team

Introduction

Our team is...

Members

Project

Description

Success Criteria

This project is successful if:

Timeframe: March 2017.

Updates

Bi-Week Ending 2016-MM-DD

Week One (2016-10-)

Retrieved from "https://wiki.mozilla.org/index.php?title=Security/Automation/Winter_Of_Security_2016/ZAP_Form_Handling&oldid=1153451"