Merge pull request #2 from OWASP/update-documentation

update Documentation

LICENSE.md

@@ -1,7 +1,5 @@
 MIT License
 
-Copyright (c) 2023 Dhrumil Mistry
-
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
 in the Software without restriction, including without limitation the rights

index.md

@@ -1,22 +1,57 @@
 ---
 
 layout: col-sidebar
-title: OWASP Offensive API Tester
-tags: example-tag
+title: OWASP OFFAT
+tags: api-security
 level: 2
-type: 
-pitch: A very brief, one-line description of your project
+type: code, tool
+pitch: Tests your API automatically for common API vulnerabilities after generating tests from provided openapi specification file.
 
 ---
 
-This is an example of a Project or Chapter Page.  Please change these items to indicate the actual information you wish to present.  In addition to this information, the 'front-matter' above this text should be modified to reflect your actual information.  An explanation of each of the front-matter items is below:
+## OWASP OFFAT
 
-layout: This is the layout used by project and chapter pages.  You should leave this value as col-sidebar
+OWASP OFFAT (OFFensive Api Tester) is created to automatically test API for common vulnerabilities after generating tests from openapi specification file. It provides feature to automatically fuzz inputs and use user provided inputs during tests specified via YAML config file.
 
-title: This is the title of your project or chapter page, usually the name.  For example, OWASP Zed Attack Proxy or OWASP Baltimore
+![UnDocumented petstore API endpoint HTTP method results](./src/.images/tests/offat-v0.5.0.png)
 
-tags: This is a space-delimited list of tags you associate with your project or chapter.  If you are using tabs, at least one of these tags should be unique in order to be used in the tabs files (an example tab is included in this repo)
+## Demo
 
-level: For projects, this is your project level (2 - Incubator, 3 - Lab, 3.5 - Production, 4 - Flagship)
+[![asciicast](https://asciinema.org/a/9MSwl7UafIVT3iJn13OcvWXeF.svg)](https://asciinema.org/a/9MSwl7UafIVT3iJn13OcvWXeF)
 
-type: code, tool, documentation, or other
+## Security Checks
+
+- Restricted HTTP Methods
+- SQLi
+- BOLA
+- Data Exposure
+- BOPLA / Mass Assignment
+- Broken Access Control
+- Basic Command Injection
+- Basic XSS/HTML Injection test
+
+## Features
+
+- Few Security Checks from OWASP API Top 10
+- Automated Testing
+- User Config Based Testing
+- API for Automating tests and Integrating Tool with other platforms/tools
+- CLI tool
+- Dockerized Project for Easy Usage
+- Open Source Tool with MIT License
+
+## Try Tool
+
+- Install Tool using pip
+
+```bash
+python -m pip install offat
+```
+
+- Run Tool
+
+```bash
+offat -f swagger_file.json
+```
+
+- For more usage options read Project Repo [README.md](https://github.com/OWASP/OFFAT/blob/main/src/README.md)

info.md

@@ -1,17 +1,20 @@
 ### Offensive API Tester Information
-* [Incubator Project](#)
+
+* [Incubator Project](https://owasp.org/OFFAT)
 * [Type of Project](#)
 * [Version 0.0.0](#)
 * [Builder](#)
 * [Breaker](#)
 
 ### Downloads or Social Links
-* [Download](#)
-* [Meetup](#)
+
+* [Download](https://github.com/OWASP/OFFAT/releases)
+<!-- * [Meetup](#) -->
 
 ### Code Repository
-* [repo](#)
 
-### Change Log
-* [changes](#)
+* [repo](https://github.com/OWASP/OFFAT)
+
+<!-- ### Change Log -->
 
+<!-- * [changes](#) -->

src/README.md

@@ -6,12 +6,6 @@ Automatically Tests for vulnerabilities after generating tests from openapi spec
 
 ![UnDocumented petstore API endpoint HTTP method results](./.images/tests/offat-v0.5.0.png)
 
-## Notice
-
-Project proposal has been approved by the OWASP Foundation. As a result, OFFAT will now be taken care of within the OWASP Repository and will go by the name OWASP OFFAT.
-
-For the most up-to-date releases and updates, be sure to check out the OWASP OFFAT Repository at this [link](https://github.com/OWASP/OFFAT).
-
 ## Security Checks
 
 - [X] Restricted HTTP Methods
@@ -28,7 +22,7 @@ For the most up-to-date releases and updates, be sure to check out the OWASP OFF
 
 - Few Security Checks from OWASP API Top 10
 - Automated Testing
-- User Config
+- User Config Based Testing
 - API for Automating tests and Integrating Tool with other platforms/tools
 - CLI tool
 - Dockerized Project for Easy Usage
@@ -40,8 +34,6 @@ For the most up-to-date releases and updates, be sure to check out the OWASP OFF
 
 ## PyPi Downloads
 
-[![Upload offat Python Package to PyPi](https://github.com/dmdhrumilmistry/offat/actions/workflows/pypi-publish.yml/badge.svg)](https://github.com/dmdhrumilmistry/offat/actions/workflows/pypi-publish.yml)
-
 |Period|Count|
 |:----:|:---:|
 |Weekly|[![Downloads](https://static.pepy.tech/personalized-badge/offat?period=week&units=international_system&left_color=black&right_color=orange&left_text=Downloads)](https://pepy.tech/project/offat)|
@@ -54,18 +46,14 @@ The disclaimer advises users to use the open-source project for ethical and legi
 
 [Read More](./DISCLAIMER.md)
 
-## Join Our Discord Community
-
-[![Join our Discord server!](https://invidget.switchblade.xyz/DJrnAg4nv2)](http://discord.gg/DJrnAg4nv2)
-
 ## Installation
 
 ### Using pip
 
 - Install main branch using pip
 
   ```bash
-  python3 -m pip install git+https://github.com/dmdhrumilmistry/offat.git
+  python3 -m pip install git+https://github.com/OWASP/OFFAT.git
   ```
 
 - Install Release from PyPi
@@ -97,7 +85,7 @@ The disclaimer advises users to use the open-source project for ethical and legi
   docker compose up -d
   ```
 
-  > POST `openapi` documentation to `/api/v1/scan/` endpoint with its valid `type` (json/yaml); `job_id` will be returned, `job_id` should
+  > POST `openapi` documentation to `/api/v1/scan/` endpoint with its valid `type` (json/yaml); `job_id` will be returned.
 
 ### Manual Method
 
@@ -114,7 +102,7 @@ The disclaimer advises users to use the open-source project for ethical and legi
 - clone the repository to your machine
 
   ```bash
-  git clone https://github.com/dmdhrumilmistry/offat.git
+  git clone https://github.com/OWASP/OFFAT.git
   ```
 
 - Change directory
@@ -254,9 +242,9 @@ The disclaimer advises users to use the open-source project for ethical and legi
 ### Open In Google Cloud Shell
 
 - Temporary Session  
-  [![Open in Cloud Shell](https://gstatic.com/cloudssh/images/open-btn.svg)](https://shell.cloud.google.com/cloudshell/editor?cloudshell_git_repo=https://github.com/dmdhrumilmistry/offat.git&ephemeral=true&show=terminal&cloudshell_print=./DISCLAIMER.md)
+  [![Open in Cloud Shell](https://gstatic.com/cloudssh/images/open-btn.svg)](https://shell.cloud.google.com/cloudshell/editor?cloudshell_git_repo=https://github.com/OWASP/OFFAT.git&ephemeral=true&show=terminal&cloudshell_print=./DISCLAIMER.md)
 - Perisitent Session  
-  [![Open in Cloud Shell](https://gstatic.com/cloudssh/images/open-btn.svg)](https://shell.cloud.google.com/cloudshell/editor?cloudshell_git_repo=https://github.com/dmdhrumilmistry/offat.git&ephemeral=false&show=terminal&cloudshell_print=./DISCLAIMER.md)
+  [![Open in Cloud Shell](https://gstatic.com/cloudssh/images/open-btn.svg)](https://shell.cloud.google.com/cloudshell/editor?cloudshell_git_repo=https://github.com/OWASP/OFFAT.git&ephemeral=false&show=terminal&cloudshell_print=./DISCLAIMER.md)
 
 ## Have any Ideas 💡 or issue
 
@@ -265,8 +253,8 @@ The disclaimer advises users to use the open-source project for ethical and legi
 
 ## Contributing
 
-Refer [CONTRIBUTIONS.md](/.github/CONTRIBUTING.md) for contributing to the project.
+Refer [CONTRIBUTIONS.md](/CONTRIBUTING.md) for contributing to the project.
 
 ## LICENSE
 
-Offat is distributed under `MIT` License. Refer [License](/LICENSE) for more information.
+Offat is distributed under `MIT` License. Refer [License](/LICENSE.md) for more information.