WASR Vision
The Web App Security Reporting tool (WASR) is a simple template-driven tool for writing web-application security assessment reports. However, the vision of WASR is much more than this. It will be a "one-stop shop" for organizing all the information and reports from various assessment tools. This information, organized in a tree-like structure, will then be pulled together in a template context so that it can be applied to a template in order to generate a report with a very consistent look and feel. The templates themselves are customizable, allowing each organization to customize the output format to its needs. The framework also supports customized editing widgets for each node of the tree, allowing for considerable extensions over the base functionality in the tool.
The Current Version: 0.2a
The current version is pre-beta and is a Java client application. Consider it an early prototype. Please feel free to pull it down (dependencies are defined in the Maven pom.xml) and play with it but don't expect it to resemble a polished product - it isn't there yet. Ideas, constructive feedback, and volunteers are much appreciated.