Fedora Security Spin QA Efforts
Kashyap Chamarthy
kashyapc at fedoraproject.org
Thu Feb 18 20:50:52 UTC 2010
On 02/19/2010 02:07 AM, Adam Miller wrote:
> Hello all,
> This is mainly going out to those who are interested in the
> (hopefully) upcoming Security Spin. I want to establish some QA
> efforts as to provide a high quality experience to security
> professionals and hobbyists alike who are interested in the project. I
> would like to first do a break down of test cases for all the
> security-centric packages involved in the security spin as that is the
> "bread and butter" of the spin and are generally "niche" applications
> which require some sort of expertise or a slightly higher learning
> curve than your average web browser (just for example). Once that part
> is complete, I would also like to apply AdamW's Desktop Test Cases to
> it in order to get a higher level outlook of making sure that portion
> of the Spin is of high quality as well.
>
> Here is the current list of packages shipped with the Security Spin:
> https://fedorahosted.org/security-spin/wiki/availableApps if anyone is
> familiar with any of these apps it would be greatly appreciated if you
> could put together a short snippet or "how to" for basic use that can
> be used for a test case. Feel free to reply here to this thread and I
> can input them into the wiki or post your results here:
> https://fedoraproject.org/wiki/SecuritySpin:QA_Brainstorm
I took a quick look at the available apps. Would you like to consider 'ratproxy' - a very
nice open source tool for web-application security assessment from Google. Which I've used
a couple of times earlier and got some really useful results.
http://code.google.com/p/ratproxy/
It could be added to the 'reconnaissance' category. (though it's a little more than just that)
Oh, and it's available in Fedora.
/kashyap
>
> Many thanks to all,
> -AdamM
>
More information about the test
mailing list