Archive for Meeting Minutes

OSSAMS Meeting Minutes – 7Dec 2011

Cody has been working on setting up the SVN environment using SourceForge and Google Code

Darryl has been deep in the data analysis and data modeling

Adrien has modified the python scripts and is improving the performance of the scripts.

OSSAMS Meeting Minutes 16 Nov

Cody and Adrien discussed the content for the Wiki, and discussed the plans to move to SourceForge.

Cody submitted the rough draft for the GVWN Gold paper.

Adrien is teaching the SANS Sec560 next week in Toronto.

OSSAMS Meeting Minutes 9 Nov 2011

Cody has completed the alpha code for the PowerShell AD ACL Parser for his GWCN Gold paper.  He plans on putting the final touches on the script and completing the paper over the next week.

Darryl has:

  • Analyzed output (test data) for the following tools in order to create tool-specific normalized data models for each tool (Acunetix, Burp, Nessus, Netsparker, Nikto, NMap, SSLScan, W3AF, Watcher, Xprobe2 and ZAP)
  • Acunetix model completed to determine the acceptability of using MySQL workbench for ER (logical) and draft physical data structure including table names, attributes, primary and foreign keys and data types.
  • Next steps: complete data model; load MySQL OSSAMS instance with test data for final analysis of commonalities through team working session.

Adrien has been working on fine tuning his python scripts.

 

OSSAMS Meeting Minutes 26 Oct 2011

Cody has made great headway with the powershell script framework and can now can control the XML data formatting.

Darryl has continued to make headway at data modeling from the initial data set Adrien has supplied.

Adrien has recently presented SecTor on the project.

OSSAMS Meeting Minutes

Aug 24 – Cody, Adrien, & Darryl

Updates

  • Cody – Progress made on GCWN GOLD PowerShell scripts
  • Cody – Reviewed the PowerShell export XML format and discussed long term to create a custom format for OSSAMS collected data
  • Cody – target scripts for Gold Paper is File Systems, AD, and IIS
  • Adrien – reviewed a SANS white paper he is starting for around the scripts he is creating for OSSAMS.  The scripts are used to parse the out from various assessment tools into a supportable XML and the import data into a database.
  • Adrien – The SANS document outlines in detail the data mapping content.
  • Darryl – Working on data normalization and data structure
  • Darryl – updated Wiki with task list and will begin uploading data files on wiki.