OWASP

All

1.2k repositories

wrongsecrets
Public
Vulnerable app with examples showing how to not use secrets
java docker kubernetes aws security vault azure gcp secrets owasp
Java
•
GNU Affero General Public License v3.0
•375•1.3k•25•12•Updated Jan 1, 2025Jan 1, 2025
www-board
Public
HTML
•10•5•0•0•Updated Jan 1, 2025Jan 1, 2025
owasp.github.io
Public
OWASP Foundation main site repository
HTML
•
Creative Commons Attribution Share Alike 4.0 International
•272•545•9•7•Updated Jan 1, 2025Jan 1, 2025
www-board-candidates
Public
18•6•0•0•Updated Jan 1, 2025Jan 1, 2025
SecureCodingDojo
Public
The Secure Coding Dojo is a platform for delivering secure coding knowledge.
secure-coding training-portal owasp
PHP
•
Apache License 2.0
•142•556•8•1•Updated Jan 1, 2025Jan 1, 2025
www-project-developer-guide
Public
OWASP Project Developer Guide - Document and Project Web pages
owasp owasp-developer-guide
HTML
•
Creative Commons Attribution Share Alike 4.0 International
•25•98•9•2•Updated Jan 1, 2025Jan 1, 2025
ASVS
Public
Application Security Verification Standard
HTML
•
Creative Commons Attribution Share Alike 4.0 International
•677•2.8k•56•1•Updated Jan 1, 2025Jan 1, 2025
www-chapter-singapore
Public
OWASP Foundation Web Respository
HTML
•5•2•0•0•Updated Jan 1, 2025Jan 1, 2025
cornucopia
Public
The source files and tools needed to build the OWASP Cornucopia decks in various languages
card card-game gamification threat-modeling
Python
•
Other
•24•48•6•3•Updated Jan 1, 2025Jan 1, 2025
wrongsecrets-ctf-party
Public
Run Capture the Flags and Security Trainings with OWASP WrongSecrets
git docker kubernetes aws security ctf training-materials ctfd hacktoberfest
JavaScript
•
Apache License 2.0
•133•43•8•14•Updated Jan 1, 2025Jan 1, 2025
cwe-sdk-javascript
Public
A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC
owasp vulnerabilities cve mitre cwe
JavaScript
•
Apache License 2.0
•10•33•0•1•Updated Jan 1, 2025Jan 1, 2025
www-community
Public
OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.
appsec community-project owasp
HTML
•697•1.1k•11•3•Updated Jan 1, 2025Jan 1, 2025
CheatSheetSeries
Public
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
security code best-practices application-security appsec cheatsheets owasp
Python
•
Creative Commons Attribution Share Alike 4.0 International
•4k•29k•43•7•Updated Jan 1, 2025Jan 1, 2025
Nest
Public
Your gateway to OWASP. Discover, engage, and help shape the future!
react api metadata events django typescript rest taxonomy projects django-rest-framework
TypeScript
•
MIT License
•27•24•30•8•Updated Dec 31, 2024Dec 31, 2024
www-project-top-10-for-large-language-model-applications
Public
OWASP Foundation Web Respository
TeX
•
Other
•153•610•25•1•Updated Dec 31, 2024Dec 31, 2024
www-chapter-netherlands
Public
OWASP Foundation Web Respository
HTML
•4•5•1•0•Updated Dec 31, 2024Dec 31, 2024
www-project-api-security
Public
OWASP Foundation Web Repository
owasp api-security
HTML
•23•47•0•1•Updated Dec 31, 2024Dec 31, 2024
API-Security
Public
OWASP API Security Project
api security web-api owasp-top documentation-portal
Dockerfile
•
Other
•379•2.1k•12•6•Updated Dec 31, 2024Dec 31, 2024
www-chapter-lisboa
Public
OWASP Foundation Web Respository
HTML
•3•5•0•0•Updated Dec 30, 2024Dec 30, 2024
threat-dragon
Public
An open source threat modeling tool from OWASP
owasp threat-modeling sdlc threat-dragon owasp-threat-dragon
JavaScript
•
Apache License 2.0
•260•974•68•1•Updated Dec 30, 2024Dec 30, 2024
owasp-mastg
Public
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
static-analysis android-application ios-app dynamic-analysis pentesting mobile-security network-analysis mast reverse-enginnering runtime-analysis
Python
•
Creative Commons Attribution Share Alike 4.0 International
•2.4k•12k•316•34•Updated Dec 30, 2024Dec 30, 2024
www-project-dungeons-and-daemons
Public
This repository contains OWASP Dungeons & Daemons a collection of security games. It's purpose is to promote security awareness and practices.
Svelte
•
Creative Commons Attribution Share Alike 4.0 International
•0•3•0•2•Updated Dec 30, 2024Dec 30, 2024
www-project-threat-dragon
Public
OWASP Foundation Threat Dragon Project Web Repository
security-tools owasp appsec
HTML
•
Apache License 2.0
•28•75•1•1•Updated Dec 30, 2024Dec 30, 2024
www-project-modsecurity-core-rule-set
Public
OWASP Foundation Web Respository
HTML
•11•38•0•0•Updated Dec 29, 2024Dec 29, 2024
www-project-non-human-identities-top-10
Public
OWASP Non-Human Identities Top 10
HTML
•
Other
•5•5•0•1•Updated Dec 29, 2024Dec 29, 2024
basconf
Public
Boston Application Security Conference
HTML
•0•1•0•0•Updated Dec 29, 2024Dec 29, 2024
www-project-secure-headers
Public
The OWASP Secure Headers Project
http security web owasp secure headers appsec
Python
•
Apache License 2.0
•39•140•2•0•Updated Dec 29, 2024Dec 29, 2024
www-chapter-oslo
Public
OWASP Foundation Web Respository
HTML
•5•4•0•0•Updated Dec 28, 2024Dec 28, 2024
Nettacker
Public
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
python security automation scanner bruteforce owasp penetration-testing pentesting recon cve
Python
•
Apache License 2.0
•801•3.7k•22•10•Updated Dec 28, 2024Dec 28, 2024
www-project-juice-shop
Public
OWASP Foundation Web Respository
hacktoberfest
HTML
•154•72•0•0•Updated Dec 28, 2024Dec 28, 2024