/Benchmark

The OWASP Benchmark is a test suite designed to verify the speed and accuracy of vulnerability detection tools. The initial version is intended to support Java Static Analysis Security Testing Tools (SAST). A future release will support Dynamic Analysis Security Testing Tools (DAST), like OWASP ZAP, and Interactive Analysis Security Testing Tools (IAST). The goal is that this test application is fully runnable and all the vulnerabilities are actually exploitable so its a fair test for any kind of vulnerability detection tool.

Primary LanguageJavaGNU General Public License v2.0GPL-2.0

Watchers