OWASP

The OWASP Foundation

United States of America

Pinned Repositories

API-Security
OWASP API Security Project
Language:Dockerfile2.2k 168 79396
ASVS
Application Security Verification Standard
Language:HTML3.2k 145 1.7k774
CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Language:Python30.6k 564 5724.3k
DevGuide
The OWASP Developer Guide
2.1k 204 67399
Go-SCP
Golang Secure Coding Practices guide
Language:Go5.2k 130 48386
mastg
The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.
Language:Python12.5k 411 1.3k2.5k
masvs
The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.
Language:Python2.3k 101 207555
Nettacker
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
Language:Python4.6k 108 253934
Top10
Official OWASP Top 10 Document Repository
Language:HTML4.9k 290 519941
wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Language:Dockerfile8.5k 376 3651.5k

OWASP's Repositories

OWASP/OWASP-Testing-Guide
OWASP Testing Guide
110 28 041
OWASP/WebGoat
This is a defunct code base. The project is located at: https://github.com/WebGoat
Language:HTML52 20 060
OWASP/OWASP-Proxy
Owasp Proxy
Language:Java31 10 015
OWASP/Top-5-Machine-Learning-Risks
The OWASP Top 5 Machine Learning Risks[edit | edit source] The idea is to build the required resources which help software security community to understand the emerging technology of machine learning and how it is related to security, warn them about the risk associated with using ML, and discuss the defending techniques. Description[edit | edit source] Machine Learning has recently re-emerged as a powerful tool in multiple business sectors, especially when it is used for Predictive Analytics at the scale of Big Data. This technique becomes vital when it is harnessed for the Security services and applications like Fraud Detection, Anomaly Detection, Behavioral Analysis
29 23 011
OWASP/lapse-plus
LAPSE+ is a security scanner, based on the white box analysis of code for detecting vulnerabilities in Java EE Applications.
Language:Java25 17 117
OWASP/AppSecEurope2017
13 14 06
OWASP/AppSec-Designer-Rule-Sets-for-Threat-Countermeasures-and-Security-Functional-Requirements
The most overtly detailed security blueprint you will ever need. Develop rule sets for use by Neo4j, AppSec Designer (TM), and any other tool choosing to use them, to define threat countermeasures and their related security functional component requirements.
Language:Shell11 15 03
OWASP/VirtualVillage
Owasp Virtual Village will provide users with access to numerous operating systems Desktop as well as Servers. They will be able to create custom apps for other owasp projects they will also be able to request test environments , or honey pots , etc.
8 5 65
OWASP/Maturity-Models-UI
UI for the Maturity-Models project
Language:CoffeeScript7 3 05
OWASP/Vicnum-BasicCTF
A rather basic (intentionally) vulnerable Web application written in PHP, part of the OWASP Vicnum Project
Language:PHP6 2 07
OWASP/Application-Security-Guide-For-CISOs-Project-v2
Among application security stakeholders, Chief Information Security Officers (CISOs),are responsible for application security from governance, compliance and risk perspectives. The Application Security Guide For CISOs seeks to help CISOs manage application security programs according to their own roles, responsibilities, perspectives and needs. Application security best practices and OWASP resources are referenced throughout the guide
5 12 0
OWASP/appsec-template
Jekyll web site template for OWASP AppSec conference web sites
Language:HTML5 11 03
OWASP/Cuiaba
OWASP Cuiaba, Brazil. A brilliant idea to have the entire chapter and their projects in github! Go Brazil!
Language:CSS4 13 03
OWASP/owasp-summit-2017-Outcomes
owasp summit 2017 Outcomes
4 11 04
OWASP/passfault-docker
Docker image base for OWASP passfault
4 4 01
OWASP/Threat-Modeling-Cheat-Sheets
4 12 0
OWASP/Threat-Modeling-Tools
4 11 0
OWASP/github-template
Templates recommended for GitHub repositories of OWASP projects
3 11 04
OWASP/Maturity-Models-API
Repo to hold the API backend files for the Maturity-Models project
Language:CoffeeScript3 12 05
OWASP/Maturity-Models-QA
Repo of QA files of BSIMM site (i.e. browser automation and performance tests)
Language:CoffeeScript3 4 13
OWASP/owasp-avatao
OWASP created challenges to run on the OpenSource Avatao engine
3 6 01
OWASP/passfault-docker-template
This is a template for customizing a passfault image with your own wordlists
3 4 01
OWASP/Threat-Model-Project
To be the source of all information threat model related including but not limited to cheat sheets, examples, new techniques and processes
2 13 0
OWASP/Threat-Modeling-Lightweight-Process
2 3 03
OWASP/A-D-Project
1 13 0
OWASP/AppSec-Israel-2017
Language:CSS1 12 06
OWASP/owasp-halifax
The OWASP Halifax Website
Language:JavaScript1 9 05
OWASP/owasp-summit-2017-site
Site pages for the owasp-summit-2017
Language:HTML1 2 12
OWASP/Vulnerability-Reporting-Project
1 13 01
OWASP/Threat-Modeling-Templates
12 01