This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Category:OWASP Security Ninjas AppSec Training Program

Jump to: navigation, search
OWASP Project Header.jpg

OWASP Security Ninjas APPSEC Training Program

Security Ninjas is an open-source Application Security Training Program.


The training program slide deck covers the OWASP Top10 vulnerabilities and some general security best practices. The hands-on training lab consists of 10 fun real world like hacking exercises corresponding to each of the OWASP Top10 vulnerabilities.


This program is free software: you can redistribute it and/or modify it under the terms of the Apache License.

Project Resources

Slide Deck

Source Code

Docker repo and instructions

Project Leader

Project Sponsor

OpenDNS 1.png

News and Events

[May 1 2015] Security Ninjas released

1. What is special about this project? - This is one of the very few projects which offers systematic, guided hands-on AppSec training to folks with very minimal AppSec or Penetration Testing knowledge. This would not only teach you how to find and exploit vulnerabilities but also hot to fix them and not have them in the first place! In today's world of advancing web attacks and seeing how complicated web applications are becoming, this training is something that every software engineer should take.

2. How much time does it take to set up the hands on lab? - If you use the docker build, it takes only a few seconds to setup the lab!

3. Is it hard to setup and destroy the hands-on lab container? - It is super simple to set up and destroy the container. If use docker, there are no dependency issues as well, no matter what platform you are using!

4. Why did I chose Docker? - Setting up and destroying the environment would be super easy and quick. - The docker container would be sandboxed which means that the vulnerable application wouldn’t be able to harm the host OS.


The first contributors to the project were:

  • Shruti Gupta Shruti Gupta created the OWASP Security Ninjas project


The project is complete.

Getting Involved

If you have suggestions/ comments about how this project could be made better, please email Shruti Gupta .

This category currently contains no pages or media.