<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>OWASP SamuraiWTF</title> <link rel="stylesheet" href="styles.css"> </head> <body> <header class="hero"> <nav> <div class="container"> <div class="nav-wrapper"> <a href="#" class="logo"> <img src="samurai-basic-logo.png" alt="OWASP Samurai Web Training Framework"> </a> <ul class="nav-links"> <li><a href="https://github.com/SamuraiWTF/samuraiwtf">GitHub</a></li> <li><a href="https://github.com/SamuraiWTF/samuraiwtf/wiki">Documentation</a></li> <li><a href="http://tiny.si/samurai" class="button">Download VM</a></li> </ul> </div> </div> </nav> <div class="hero-content"> <img src="samurai-basic-logo.png" alt="OWASP Samurai Web Training Framework" height="78"> <h1>OWASP SamuraiWTF</h1> <p>The best security training environment for Developers and AppSec Professionals</p> </div> </header> <nav class="sub-nav"> <div class="container"> <ul> <li><a href="#about">About</a></li> <li><a href="#history">History</a></li> <li><a href="#core-contributors">Core Contributors</a></li> <li><a href="#alumni">Alumni</a></li> <li><a href="#sponsors">Sponsors</a></li> </ul> </div> </nav> <main class="container"> <section id="about"> <h2>About</h2> <div class="content"> <p>OWASP SamuraiWTF is a complete linux desktop for use in application security training. It is free and open-source, distributed both as pre-built VMs and as <i>source code</i>. The source consists of a Vagrantfile, static assets, and build scripts. During the build process, it retrieves a variety of tools and training targets. Most of these are open-source projects managed by their own respective teams and contributors. Some examples are:</p> <ul> <li>OWASP Juice Shop</li> <li>OWASP Zed Attack Proxy</li> <li>Mutillidae</li> <li>SQLMap</li> </ul> <p>It also includes some proprietary software, such as the Community Edition of PortSwigger's Burp Suite.</p> <p>OWASP SamuraiWTF welcomes and encourages issues on the GitHub repository for bugs and enhancements. If you have the skills to contribute, pull requests are also always welcome.</p> </div> </section> <section id="history"> <h2>History</h2> <div class="content"> <p>OWASP SamuraiWTF was created in August of 2008. Originally it was a bootable environment designed to provide web application testing tools. The goal was to mimic Backtrack (Now Kali) but focus only on the tools used during a web penetration test. The bootable ISO was hosted on Sourceforge, and updated as the team found time. Over the years this bootable ISO was retired and virtual machines became the primary distribution.</p> <p>Around 2016, the SamuraiWTF project team made two big changes. First, the project was moved to Github to enable better coordination between developers. The team also started to focus more on building out a training environment, instead of just trying to build a testing platform. This is because knowledge sharing is a core part of the team's ethics and fits perfectly the open source concepts.</p> <p>The current version 5.0 is based on Vagrant. This allows the team to support multiple environments and platforms. For example, the main branch supports being built in AWS and as a local virtual machine.</p> </div> </section> <section id="core-contributors"> <h2>Core Contributors</h2> <div class="contributors"> <div class="contributor"> <img src="images/kevin.jpg" alt="Kevin Johnson"> <h3>Kevin Johnson</h3> <p>Kevin Johnson is the Chief Executive Officer of Secure Ideas. Kevin has a long history in the IT field including system administration, network architecture and application development. He has been involved in building incident response and forensic teams, architecting security solutions for large enterprises and penetration testing everything from government agencies to Fortune 100 companies. In addition, Kevin is a faculty member at IANS and was an instructor and author for the SANS Institute.</p> </div> <div class="contributor"> <img src="images/jasongillam.png" alt="Jason Gillam"> <h3>Jason Gillam</h3> <p>Jason Gillam is Chief Information Officer (CIO) at Secure Ideas and an IANS faculty member. He has over 20 years of industry experience in enterprise software development, system architecture, and application security. Jason has spent most of his career in technical leadership roles ranging from startups to fortune 100 companies and has learned the business acumen necessary to advise everyone from developers to senior executives on security and architecture.</p> </div> <div class="contributor"> <img src="images/mic.png" alt="Mic Whitehorn-Gillam"> <h3>Mic Whitehorn-Gillam</h3> <p>Mic Whitehorn-Gillam is a senior security consultant for Secure Ideas. Before entering the information security field he spent about a decade in web application architecture and development, and nearly five years in systems integration consulting. He possesses broad knowledge across many programming languages ranging from legacy COBOL to enterprise Java and C# to modern Ruby, Python, and JavaScript.</p> </div> </div> </section> <section id="alumni"> <h2>Alumni</h2> <p>Justin Searle</p> </section> <section id="sponsors"> <h2>Sponsors</h2> <p><a href="https://www.secureideas.com" class="sponsor-link">Secure Ideas</a></p> </section> </main> <footer> <div class="container"> <p>&copy; 2024 OWASP SamuraiWTF. All rights reserved.</p> </div> </footer> </body> </html>