Skip to content
This repository has been archived by the owner on Jun 20, 2023. It is now read-only.


Repository files navigation

This repository has been migrated to OWASP/www-project-developer-guide

OWASP is moving to a 'web first' philosphy and moving away from downloads. We will still be providing PDF and ePub, but the emphasis will be on providing web page documents.

This means that OWASP project page is now the source of the document. The draft version 3.0 of this repo is now work-in-progress under draft in the OWASP project pages.

This migration is now complete and this repo has been archived as Read Only.

OWASP Developer Guide Reboot


Thank you for your interest in the OWASP Developer Guide, the first major Open Web Application Security Project (OWASP) Document.

This is the development version of the OWASP Developer Guide, and will be converted into PDF & MediaWiki for publishing when complete.

This repository is the current development master: version 3.0.

Current stable is version 2.0.1 and is the recommended version for reading until 3.0 becomes more complete.

See our our wiki, FAQ page, and Road Map for more information.

Gitbook integration

For a pleasant reading experience, use GitBook to turn this document into a PDF, e-book, website, etc.


Our wiki contains more information about the project's background and purpose. This will be updated here first then ported over to the official wiki.

You do not have to be a security expert in order to contribute!

START HERE: We recommend looking first at the Open Issues and trying to close them.

Some of the ways you can help:

  • Technical editing
  • Review
  • Diagrams
  • Graphic design
  • Code snippets in your favorite language


You can join in the conversation on the mailing list.

We also discuss a fair amount about the OWASP Guide on Google+

Please contact the Project Leads: Steven van der Baan or Brad Chesney for any queries about this edition.

Steven van der Baan

Brad Chesney