The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
The OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. As it is written in Java, it supports Java Static Analysis Security Testing Tools (SAST). It’s also a fully runnable web application, so it supports Dynamic Analysis Security Testing Tools (DAST), like OWASP ZAP, and Interacti…
A fast and easy to configure HTML Sanitizer written in Java which lets you include HTML authored by third-parties in your web application while protecting against XSS.
PHP-RBAC is an authorization library for PHP. It provides developers with NIST Level 2 Standard Role Based Access Control and more, in the fastest implementation yet.
The OWASP Vulnerable Web Applications Directory Project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting!