Statistical approach to build OWASP Top Ten. This repository includes code, data and calculation methodology.

wallarm/owasp-top-10-2022

OWASP Top-10 2022 proposal

Statistical approach to build OWASP Top Ten list. This repository includes code, data and calculation methodology.

Our proposal is not an official list but research work with an open methodology that lets anyone repeat the calculations and get similar results.

The data we used comprises 4'640'807 public security reports and bulletins from more than 125 sources, including HackerOne bug bounty reports, CVE, NVD, and exploit collections.

Repository

  • owasp.py - a script that downloads data from the Vulners API and calculates statistics
  • owasp.json.part. - two parts of the data export (split to work around GitHub's 25MB limit)

How to run

cat owasp.json.part* > owasp.json
python owasp.py

Related work

OWASP Top-10 2021. Statistics-based proposal: https://lab.wallarm.com/owasp-top-10-2021-proposal-based-on-a-statistical-data/
