Pinned Repositories
API-Security
OWASP API Security Project
ASVS
Application Security Verification Standard
CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
DevGuide
The OWASP Developer Guide
Go-SCP
Golang Secure Coding Practices guide
mastg
The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.
masvs
The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.
Nettacker
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
Top10
Official OWASP Top 10 Document Repository
wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
OWASP's Repositories
OWASP/phpsec
OWASP PHP Security Project - THIS PROJECT IS INACTIVE AND MAY CONTAIN SECURITY FLAWS
OWASP/AppSec-Browser-Bundle
The OWASP AppSec Browser Bundle is an open source Linux based penetration testing browser bundle built over Mozilla Firefox. It comes pre-configured with security tools for spidering, advanced web searching, fingerprinting, anonymous browsing, web server scanning, fuzzing, report generating and more.
OWASP/WebGoat.NET
OWASP WebGoat.NET
OWASP/OWASP-GoatDroid-Project
OWASP GoatDroid is a fully functional and self-contained training environment for educating developers and testers on Android security. GoatDroid requires minimal dependencies and is ideal for both Android beginners and more advanced users. The project currently includes two applications: FourGoats, a location-based social network, and Herd Financial, a mobile banking application. There are also several features that greatly simplify usage within a training environment or for absolute beginners who want a good introduction to working with the Android platform. Download the built version here: https://github.com/jackMannino/OWASP-GoatDroid-Project/downloads
OWASP/CodeReviewGuide
Repository for OWASP Code Review document
OWASP/DotNet_ANSA
.NET ASP.NET Security Analyser - Consolidation of multiple ASP.NET OWASP tools
OWASP/WebSpa
A Java web knocking tool for sending a single HTTP/S request to your web server in order to authorise the execution of a premeditated Operating System (O/S) command.
OWASP/SSVL
Simple Software Vulnerability Language (SSVL)
OWASP/Quick-Start-Guide
Repo for the OWASP Quick Start Guide
OWASP/owasp-java-validator
OWASP/owasp-orizon
The OWASP Orizon Project is an open source tool that performs static analysis of a source codebase. It is focused on security and supports multiple programming languages.
OWASP/RoR-and-Friends-Security-Guide
OWASP Ruby on Rails and Friends Security Guide
OWASP/AppSensor-Handbook
OWASP AppSensor Handbook
OWASP/HTML5SlideTemplates
HTML 5 slide templates for OWASP presentations (beta)
OWASP/OWASP-Project-Metrics
OWASP Project Metrics
OWASP/open-swamp
SWAMP open source
OWASP/owasp-esapi-ruby
The OWASP ESAPI Ruby project is a port of the outstanding release-quality OWASP ESAPI project to the Ruby programming language. The idea is to build a Ruby gem (the standard Ruby library archive format) containing the ESAPI concepts implemented in Ruby classes, so that people using Ruby in their Rails applications can build security into them.
OWASP/Owbot
This is the OWASP Hubot (called OwBot)
OWASP/opensammbenchmark
Documents and code relating to the OpenSAMM benchmarking efforts
OWASP/dev-pages
Developer Focused OWASP Pages
OWASP/KBAPM