OWASP

The OWASP Foundation

United States of America

Pinned Repositories

API-Security
OWASP API Security Project
Language:Dockerfile2.2k 168 79396
ASVS
Application Security Verification Standard
Language:HTML3.2k 145 1.7k774
CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Language:Python30.6k 564 5724.3k
DevGuide
The OWASP Developer Guide
2.1k 204 67399
Go-SCP
Golang Secure Coding Practices guide
Language:Go5.2k 130 48386
mastg
The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.
Language:Python12.5k 411 1.3k2.5k
masvs
The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.
Language:Python2.3k 101 207555
Nettacker
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
Language:Python4.6k 108 253934
Top10
Official OWASP Top 10 Document Repository
Language:HTML4.9k 290 519942
wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Language:Dockerfile8.5k 376 3651.5k

OWASP's Repositories

OWASP/phpsec
OWASP PHP Security Project - THIS PROJECT IS INACTIVE AND MAY CONTAIN SECURITY FLAWS
199 49 7557
OWASP/OWASP-Testing-Guide
OWASP Testing Guide
110 28 041
OWASP/WebGoat.NET
OWASP WebGoat.NET
Language:C#72 20 863
OWASP/WebGoat
This is a defunct code base. The project is located at: https://github.com/WebGoat
Language:HTML52 20 060
OWASP/OWASP-Proxy
Owasp Proxy
Language:Java31 10 015
OWASP/DotNet_ANSA
.NET ASP.NET Security Analyser - Consolidation of multiple ASP.NET OWASP tools
Language:ASP16 12 110
OWASP/WebSpa
A Java web knocking tool for sending a single HTTP/S request to your web server in order to authorise the execution of a premeditated Operating System (O/S) command.
Language:Java16 16 17
OWASP/AppSecEurope2017
13 14 06
OWASP/SSVL
Simple Software Vulnerability Language (SSVL)
13 19 75
OWASP/Quick-Start-Guide
Repo for the OWASP Quick Start Guide
10 9 77
OWASP/owasp-java-validator
Language:Java9 14 07
OWASP/OWASP-Project-Metrics
OWASP Project Metrics
6 11 125
OWASP/Vicnum-BasicCTF
A rather basic (intentionally) vulnerable Web application written in PHP, part of the OWASP Vicnum Project
Language:PHP6 2 07
OWASP/appsec-template
Jekyll web site template for OWASP AppSec conference web sites
Language:HTML5 11 03
OWASP/Cuiaba
OWASP Cuiaba, Brazil. A brilliant idea to have the entire chapter and their projects in github! Go Brazil!
Language:CSS4 13 03
OWASP/open-swamp
SWAMP open source
Language:JavaScript4 10 08
OWASP/owasp-summit-2017-Outcomes
owasp summit 2017 Outcomes
4 11 04
OWASP/Owbot
This is the OWASP Hubot (called OwBot)
Language:CoffeeScript4 11 45
OWASP/passfault-docker
Docker image base for OWASP passfault
4 3 01
OWASP/Threat-Modeling-Cheat-Sheets
4 12 0
OWASP/Threat-Modeling-Tools
4 10 0
OWASP/github-template
Templates recommended for GitHub repositories of OWASP projects
3 11 04
OWASP/Maturity-Models-API
Repo to hold the API backend files for the Maturity-Models project
Language:CoffeeScript3 12 05
OWASP/Maturity-Models-QA
Repo of QA files of BSIMM site (i.e. browser automation and performance tests)
Language:CoffeeScript3 4 13
OWASP/opensammbenchmark
Documents and code relating to the OpenSAMM benchmarking efforts
3 15 03
OWASP/passfault-docker-template
This is a template for customizing a passfault image with your own wordlists
3 4 01
OWASP/dev-pages
Developer Focused OWASP Pages
2 20 04
OWASP/Threat-Modeling-Lightweight-Process
2 3 03
OWASP/owasp-summit-2017-site
Site pages for the owasp-summit-2017
Language:HTML1 2 12
OWASP/Threat-Modeling-Templates
12 01