mozilla
Your Search Results

    Zest

    Overview

    Zest is an experimental specialized scripting language (also known as a domain-specific language) developed by the Mozilla security team and is intended to be used in web oriented security tools.
    The language is written in JSON, but we do not expect people to write Zest in this format - it is designed to be a visual language. The core language does not define any graphical representation - that is expected to be defined by the tools that integrate Zest.
    It is completely free, open source and can be included in any tool whether open or closed, free or commercial.

    Zest is still at a very early stage of development, but is has been made available so that anyone can play around with it.
    All constructive feedback is very welcome.
    Anyone can contribute to the onward development of Zest, and teams or individuals who develop security tools are especially welcome to join and help shape Zest's future.

    Zest topics

    Usecases
    Reporting security vulnerabilities to developers
    Reporting security vulnerabilities to companies
    Defining active and passive scanner rules
    Deep integration with security tools
    Runtimes
    The runtime environments that support Zest
    Tools
    The tools that include support Zest
    Implementation
    The state of Zest development
    Videos
    Simon demoed Zest at AppSec USA in November 2013, and the full video of my talk is available on YouTube. The Zest part of the talk starts at 23:47.
    More details
    https://github.com/mozilla/zest - the code on github
    http://groups.google.com/group/mozilla-zest - the group used for discussing Zest

     

    Document Tags and Contributors

    Tags: 
    Contributors to this page: psiinon, ethertank, robocoder
    Last updated by: psiinon,