• Content for OWASP Summit 2017 site

    CSS 15 31 Updated Feb 27, 2017
  • The Mobile Security Testing Guide (MSTG) is a manual for testing the security of mobile apps. It describes technical processes for verifying the controls listed in the OWASP Mobile Application Verification Standard (MASVS). The MSTG is meant to provide a baseline set of test cases for black-box and white-box security tests, and to help ensure c…

    HTML 131 63 Updated Feb 26, 2017
  • OWASP BLT is a bug logging tool to report issues and get points, companies are held accountable.

    django bug

    JavaScript 7 7 Updated Feb 26, 2017
  • XSLT 35 10 Updated Feb 26, 2017
  • 7 3 Updated Feb 24, 2017
  • DefectDojo is an open-source defect tracking application

    python security django analytics owasp vulnerability-databases

    HTML 191 69 Updated Feb 24, 2017
  • MsBuild task to warn about insecure NuGet libraries

    C# 28 14 Updated Feb 23, 2017
  • The OWASP Vulnerable Web Applications Directory Project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.

    Python 112 43 Updated Feb 23, 2017
  • PHP 5 4 Updated Feb 23, 2017
  • This is a working copy of the OWASP Project Handbook and is the draft where changes are made before publishing a final version on the OWASP wiki.

    2 Updated Feb 22, 2017
  • Java 79 22 Updated Feb 22, 2017
  • The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

    HTML 390 214 Updated Feb 22, 2017
  • C 1 1 Updated Feb 22, 2017
  • The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting!

    Java 80 29 Updated Feb 19, 2017
  • Application Security Automation

    Ruby 87 24 Updated Feb 19, 2017
  • OWASP Passfault evaluates passwords and enforces password policy in a completely different way.

    JavaScript 104 35 Updated Feb 18, 2017
  • O-Saft - OWASP SSL advanced forensic tool

    Perl 113 21 Updated Feb 16, 2017
  • The Mobile Application Security Verification Standard (MASVS) is a standard for mobile app security. It is meant to be used by mobile software architects and developers seeking to develop secure mobile applications and as a basis for mobile app security testing methodologies. The MASVS lists requirements for both security controls and software p…

    Python 77 22 Updated Feb 16, 2017
  • Web and mobile application security training platform

    Java 287 95 Updated Feb 16, 2017
  • Node application to help managing Maturity Models like the ones created by BSIMM and OpenSAMM

    JavaScript 43 9 Updated Feb 9, 2017
  • Repo to hold the API backend files for the Maturity-Models project

    CoffeeScript 1 1 Updated Feb 8, 2017
  • UI for the Maturity-Models project

    CoffeeScript 2 3 Updated Feb 8, 2017
  • OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually expl…

    Java 58 29 Updated Feb 7, 2017
  • A vulnerable version of Rails that follows the OWASP Top 10

    JavaScript 352 124 Updated Jan 30, 2017
  • Repo for OwaspSAMM Maturity Model's data (imported as a submodule by the Maturity-Models project)

    Updated Jan 29, 2017
  • Takes third-party HTML and produces HTML that is safe to embed in your web application. Fast and easy to configure.

    Java 170 58 Updated Jan 26, 2017
  • Application Security Verification Standard

    XSLT 109 34 Updated Jan 11, 2017
  • OWASP Learning Gateway Project will be a connected, collaborative learning platform to support the OWASP Mentor Initiative. We are currently working on a framework for the platform development.

    HTML 3 1 Updated Jan 8, 2017
  • Official OWASP Top 10 Document Repository

    5 1 Updated Dec 17, 2016
  • Home for the draft documents for the revitalization of OWASP Projects. Written in markdown for later conversion to MediaWiki markup via Pandoc

    1 1 Updated Dec 14, 2016