One of the most difficult thing, while developing a security tool, is designing the knowledge base. A good knowledge base must have: a high level of maintainability; smooth upgrade mechanism; a comprehensive grammar. The latest point is the most difficult to achieve. For the new Orizon tool, I started thinking about using JSON text file format,… Read More Designing a good knowledge base
When I was involved in the Owasp project, it was 2004 and I was pretty new in the Application Security world (now you must use Cyber Security instead). Since the beginning I loved most spending my time defending source code from being compromised. For sure I was able, and still I am, to perform a penetration… Read More This is a story of an endless love
Hi there, yesterday I gave a talk (sorry Italian language only) at Security Summit about the Owasp tools you can use for your application security fight. When I talked about the tools I wrote for Owasp, I mentioned Owasp Orizon that it’s no longer updated since 7 months that it’s an huge amount of time.… Read More Final deadline
I have to admit, I love “The Matrix” movie and I watched it until I was able to reproduce some speeches (in Italian of course). It’s been a long time since last post and I had no work on Orizon since that. Mainly because I changed my daytime job and I’m trying to start a… Read More It’s all about following the white rabbit
[tweetmeme source=”owasporizon”] Well, the most important thing I learnt while working on Owasp Orizon is that drawing a roadmap for a software tool, when you can work on it only on your spare time it’s useless. It’s better to admit that the overall project development is based on a best effort approach. Everyone has his… Read More Getting ready for a radical change
[tweetmeme source=”owasporizon”] Some time ago, the Owasp Orizon engine was divided by its command line frontend, Milk. It’s perfectly clear for anybody on this planet, that Milk project is dead and it’s not to be used anymore. I received a bunch of months ago some emails from people interested in Milk. After I forwarded them… Read More For people interested in Milk
These days a lot of changes are happening in my life. One of them is the reorganization of my “opensource project” portfolio with consistency in mind. Since I’ve got a lot of code, and a lot of project to be published in the very next future, I chose github as platform and git as versioning… Read More Moved from Google Code to GitHub
Mirage is the most important part of Owasp Orizon. In fact without a good modeling engine a static analysis tool doesn’t make sense. Our language packs contain a parser/lexer pair generated with freecc tool. Freecc is a great tool but latest release is one year old and only few grammars are available in the wild.… Read More Modeling toughts before the change
Yes… I failed following my roadmap but the latest was a very strange month. But… ok… we’re live again and we want to deliver…
This evening the main ant build file is back again and now it is possible to build Owasp Orizon 1.30 Jar files back again using ant. I purged a lot of stuff from build file. It won’t be possible anymore to regenerate language packs straight from the core build file. This is due to reflect… Read More Build system up and running again
The Owasp Orizon project 