owasp mantra - an introductionwhat is mantra ? 11 collection of hacking tools/ add-ons a security...
TRANSCRIPT
![Page 1: OWASP Mantra - An IntroductionWhat is Mantra ? 11 Collection of Hacking Tools/ Add-ons A security framework that can aid in exploit development](https://reader034.vdocuments.site/reader034/viewer/2022042407/5f2176c86b69942eb567e4c3/html5/thumbnails/1.jpg)
The OWASP Foundationhttp://www.owasp.org
OWASP Mantra - An Introduction
Prepared By-Team Mantra-
![Page 2: OWASP Mantra - An IntroductionWhat is Mantra ? 11 Collection of Hacking Tools/ Add-ons A security framework that can aid in exploit development](https://reader034.vdocuments.site/reader034/viewer/2022042407/5f2176c86b69942eb567e4c3/html5/thumbnails/2.jpg)
The Browser Evolution
2
![Page 3: OWASP Mantra - An IntroductionWhat is Mantra ? 11 Collection of Hacking Tools/ Add-ons A security framework that can aid in exploit development](https://reader034.vdocuments.site/reader034/viewer/2022042407/5f2176c86b69942eb567e4c3/html5/thumbnails/3.jpg)
Netscape Navigator1994
![Page 4: OWASP Mantra - An IntroductionWhat is Mantra ? 11 Collection of Hacking Tools/ Add-ons A security framework that can aid in exploit development](https://reader034.vdocuments.site/reader034/viewer/2022042407/5f2176c86b69942eb567e4c3/html5/thumbnails/4.jpg)
Microsoft IE1995
![Page 5: OWASP Mantra - An IntroductionWhat is Mantra ? 11 Collection of Hacking Tools/ Add-ons A security framework that can aid in exploit development](https://reader034.vdocuments.site/reader034/viewer/2022042407/5f2176c86b69942eb567e4c3/html5/thumbnails/5.jpg)
Opera1996
![Page 6: OWASP Mantra - An IntroductionWhat is Mantra ? 11 Collection of Hacking Tools/ Add-ons A security framework that can aid in exploit development](https://reader034.vdocuments.site/reader034/viewer/2022042407/5f2176c86b69942eb567e4c3/html5/thumbnails/6.jpg)
6
Safari2003
![Page 7: OWASP Mantra - An IntroductionWhat is Mantra ? 11 Collection of Hacking Tools/ Add-ons A security framework that can aid in exploit development](https://reader034.vdocuments.site/reader034/viewer/2022042407/5f2176c86b69942eb567e4c3/html5/thumbnails/7.jpg)
Mozilla Firefox2004
![Page 8: OWASP Mantra - An IntroductionWhat is Mantra ? 11 Collection of Hacking Tools/ Add-ons A security framework that can aid in exploit development](https://reader034.vdocuments.site/reader034/viewer/2022042407/5f2176c86b69942eb567e4c3/html5/thumbnails/8.jpg)
Google Chrome2008
![Page 9: OWASP Mantra - An IntroductionWhat is Mantra ? 11 Collection of Hacking Tools/ Add-ons A security framework that can aid in exploit development](https://reader034.vdocuments.site/reader034/viewer/2022042407/5f2176c86b69942eb567e4c3/html5/thumbnails/9.jpg)
9
Why not a hack3r’s browser ?
Mantra2010
![Page 10: OWASP Mantra - An IntroductionWhat is Mantra ? 11 Collection of Hacking Tools/ Add-ons A security framework that can aid in exploit development](https://reader034.vdocuments.site/reader034/viewer/2022042407/5f2176c86b69942eb567e4c3/html5/thumbnails/10.jpg)
What ?
What is Mantra?
What Mantra is NOT?
What is the use?
![Page 11: OWASP Mantra - An IntroductionWhat is Mantra ? 11 Collection of Hacking Tools/ Add-ons A security framework that can aid in exploit development](https://reader034.vdocuments.site/reader034/viewer/2022042407/5f2176c86b69942eb567e4c3/html5/thumbnails/11.jpg)
What is Mantra ?
11
Collection of Hacking Tools/ Add-ons
A security framework that can aid in exploit development
![Page 12: OWASP Mantra - An IntroductionWhat is Mantra ? 11 Collection of Hacking Tools/ Add-ons A security framework that can aid in exploit development](https://reader034.vdocuments.site/reader034/viewer/2022042407/5f2176c86b69942eb567e4c3/html5/thumbnails/12.jpg)
12
Browser Based – Its built on top of Browser
But “not just a browser”
What is Mantra ?
Cross platform & Flexible
![Page 13: OWASP Mantra - An IntroductionWhat is Mantra ? 11 Collection of Hacking Tools/ Add-ons A security framework that can aid in exploit development](https://reader034.vdocuments.site/reader034/viewer/2022042407/5f2176c86b69942eb567e4c3/html5/thumbnails/13.jpg)
13
Free as in “Free Beer” and “Free Speech”
Open Source
![Page 14: OWASP Mantra - An IntroductionWhat is Mantra ? 11 Collection of Hacking Tools/ Add-ons A security framework that can aid in exploit development](https://reader034.vdocuments.site/reader034/viewer/2022042407/5f2176c86b69942eb567e4c3/html5/thumbnails/14.jpg)
What is the use ?
Reconnaissance
Scanning & Enumeration
Gaining AccessEscalation of
privileges
Maintaining access &
Covering tracks Five
phases of attacks
![Page 15: OWASP Mantra - An IntroductionWhat is Mantra ? 11 Collection of Hacking Tools/ Add-ons A security framework that can aid in exploit development](https://reader034.vdocuments.site/reader034/viewer/2022042407/5f2176c86b69942eb567e4c3/html5/thumbnails/15.jpg)
page 15
What Mantra is NOT?
Not an one click Pwnage tool
Not mature enough to suit a particular need
Don’t uninstall your Metasploit and W3af ;)
Not a replacement for your normal browser
Not completely integrated
![Page 16: OWASP Mantra - An IntroductionWhat is Mantra ? 11 Collection of Hacking Tools/ Add-ons A security framework that can aid in exploit development](https://reader034.vdocuments.site/reader034/viewer/2022042407/5f2176c86b69942eb567e4c3/html5/thumbnails/16.jpg)
16
Why Mantra ?
Plenty of extensions available officially and unofficially (Firesheep for instance )
Analyzing each and every add-on is a tedious task (Let us do it for you )
Many extensions going unnoticed
Security researchers should know the power of browser platform
![Page 17: OWASP Mantra - An IntroductionWhat is Mantra ? 11 Collection of Hacking Tools/ Add-ons A security framework that can aid in exploit development](https://reader034.vdocuments.site/reader034/viewer/2022042407/5f2176c86b69942eb567e4c3/html5/thumbnails/17.jpg)
17
Mantra- Form the past to the Present
Started in October 2010
Released first public beta 0.52 at ClubHackConference in December 2010
Became an OWASP project in March 2011
Integrated With other active projects (FireCAT, Open Pen Test Bookmarks etc )
Released second public beta 0.61 c0de named “Gandiva” on 15th June 2011
![Page 18: OWASP Mantra - An IntroductionWhat is Mantra ? 11 Collection of Hacking Tools/ Add-ons A security framework that can aid in exploit development](https://reader034.vdocuments.site/reader034/viewer/2022042407/5f2176c86b69942eb567e4c3/html5/thumbnails/18.jpg)
18
Mantra- Future ?
Framework – A fine tuned framework with collection of tools and exploits (Beyond a browser! Beyond a toolkit!)
Add-ons – Let’s develop add-ons for Mantra (Yes, You can help us!)
![Page 19: OWASP Mantra - An IntroductionWhat is Mantra ? 11 Collection of Hacking Tools/ Add-ons A security framework that can aid in exploit development](https://reader034.vdocuments.site/reader034/viewer/2022042407/5f2176c86b69942eb567e4c3/html5/thumbnails/19.jpg)
19
The Team
Abhi M Balakrishnan – Project Leader
Gokul C Gopinath – Team Leader
Yashartha Chaturvedi – Project Manager
Gopu C Gopinath – Artworks
![Page 20: OWASP Mantra - An IntroductionWhat is Mantra ? 11 Collection of Hacking Tools/ Add-ons A security framework that can aid in exploit development](https://reader034.vdocuments.site/reader034/viewer/2022042407/5f2176c86b69942eb567e4c3/html5/thumbnails/20.jpg)
20
How Can I Contribute ?
Develop – Write add-ons/tools for Mantra
Pre/Post release testing – Report bugs and help us to fix it
Idea – Input your ideas to make Mantra better
Code | Modify --> Extensions | Framework
![Page 21: OWASP Mantra - An IntroductionWhat is Mantra ? 11 Collection of Hacking Tools/ Add-ons A security framework that can aid in exploit development](https://reader034.vdocuments.site/reader034/viewer/2022042407/5f2176c86b69942eb567e4c3/html5/thumbnails/21.jpg)
21
Links
Website: http://www.getmantra.com/Forums: http://www.getmantra.com/forums/Blog: http://getmantra.tumblr.com/
Mantra on Facebook: https://www.facebook.com/getmantraMantra on Twitter :http://twitter.com/getmantra
Download Location:http://www.getmantra.com/download/index.html
Other Links :http://en.wikipedia.org/wiki/OWASP_Mantra_Security_Frameworkhttps://www.owasp.org/index.php/OWASP_Mantra_-_Security_Framework
![Page 22: OWASP Mantra - An IntroductionWhat is Mantra ? 11 Collection of Hacking Tools/ Add-ons A security framework that can aid in exploit development](https://reader034.vdocuments.site/reader034/viewer/2022042407/5f2176c86b69942eb567e4c3/html5/thumbnails/22.jpg)
22
Thank You!-Team Mantra-