OWASP Benchmark

This is the home for all the OWASP Benchmark related projects. The primary project is BenchmarkJava (what was just 'the OWASP Benchmark' previously).

Pinned Repositories

BenchmarkJava
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
Language:Java670 56 961.1k
BenchmarkUtils
OWASP Benchmark Project Utilities - Provides scorecard generation and crawling tools for Benchmark style test suites.
Language:Java16 4 2050

OWASP-Benchmark/BenchmarkJava
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
Language:Java670 56 961.1k
OWASP-Benchmark/BenchmarkUtils
OWASP Benchmark Project Utilities - Provides scorecard generation and crawling tools for Benchmark style test suites.
Language:Java16 4 2050