In the context of the lecture Network Penetration Testing at the University of Applied Scienses in Augsburg, I recently did an evaluation of the Offensive Web Testing Framework (OWTF) from the Open Web Application Security Project (OWASP).

Read the full paper here.

Abstract

Penetration testers often need to work under time pressure. Companies may have limited budget but still need high quality results quickly. Therefore it is a major goal for penetration testers to work as efficient as possible and integrate the use of sophisticated and comprehensive tools to reach this goal.

In the context of the lecture Network Penetration Testing at the University of Applied Sciences, Augsburg, a collection of such tools will be presented in this report: the Offensive Web Testing Framework (OWTF) from the Open Web Application Security Project (OWASP).

First, the motivation of this project will be explained followed by a feature overview. After a short technical analysis, installation instructions will be given. Afterwards a demonstration of the usage and the tools’ possibilities will be presented. Finally, a conclusion related the productive use of the tool completes this document.

You can read the full paper here.