Skip to content

marcoagner/boast

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits

api

api

 
 

build

build

 
 

cmd/boast

cmd/boast

 
 

config

config

 
 

docs

docs

 
 

examples

examples

 
 

log

log

 
 

receivers

receivers

 
 

storage

storage

 
 

testdata

testdata

 
 

LICENSE

LICENSE

 
 

Makefile

Makefile

 
 

NOTICE

NOTICE

 
 

README.md

README.md

 
 

boast.go

boast.go

 
 

boast_test.go

boast_test.go

 
 

go.mod

go.mod

 
 

go.sum

go.sum

 
 

Repository files navigation

BOAST

The BOAST Outpost for AppSec Testing (v0.1.2)

BOAST is a server built to receive and report Out-of-Band Application Security Testing reactions.

BOAST overview

Some application security tests will only cause out-of-band reactions from the tested applications. This means that these reactions will not be sent as a response to the testing client and, due to their nature, they will remain unseen when the client is behind a third-party NAT. For the purpose of being able to clearly see those reactions, another piece is needed. A piece that, not limited by a third-party NAT, is freely reachable on the Internet and can also speak the received protocols in multiple ports for maximum impact. BOAST is that piece.

BOAST features DNS, HTTP, and HTTPS protocol receivers with support for multiple simultaneous ports for each receiver. And implementing protocol receivers for new protocols or to better suit your needs is almost as simple as implementing the protocol interaction itself.

Documentation

The project is documented here.

About

The BOAST Outpost for AppSec Testing (v0.1.2)

Topics

security appsec security-tools security-testing oast appsec-testing

Resources

Readme

License

Apache-2.0 license
Activity

Stars

54 stars

Watchers

2 watching

Forks

8 forks
Report repository

Releases

3 tags

Languages