OWASP

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

In-depth attack surface mapping and asset discovery

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

Golang Secure Coding Practices guide

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.

OWASP API Security Project

The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

completely ridiculous API (crAPI)

The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.

A vulnerable version of Rails that follows the OWASP Top 10

OWASP ZSC - Shellcode/Obfuscate Code Generator

Application Security Automation

SAMM stands for Software Assurance Maturity Model.

OWASP Vulnerable Web Application Project https://github.com/hummingbirdscyber

O-Saft - OWASP SSL advanced forensic tool

OWASP D4N155 - Intelligent and dynamic wordlist using OSINT

Your gateway to OWASP. Discover, engage, and help shape the future!

The OWASP Secure Headers Project

OWASP Kubernetes security and compliance tool [WIP]

OWASP Raider: a novel framework for manipulating the HTTP processes of persistent sessions

Software Component Verification Standard (SCVS)

OWASP Code Review Guide Web Repository

Mobile Application Security Design Guide

OWASP Foundation Web Respository