This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

OWASP O2 Platform/WIKI/HomePage

Jump to: navigation, search

O2 is a collection of Open Source modules that help Web Application Security Professionals maximize their efforts and quickly obtain high visibility into an application's security profile. The objective is to 'Automate Application Security Knowledge and Workflows'.

To gain a better understanding of "what is O2?", start with this presentation "What is the OWASP O2 Platform" and then read this presentation "OWASP O2 Platform Modules".


Originally O2 (OunceOpen) originated from OunceLabs Advanced Research Team (ART) work, and aims to push to the limit the power of multiple Static Analysis engines.

These tools have been developed by Security Professionals FOR security professionals, and are designed to automate the security consultant's brain.

External (to OWASP) O2 website

O2 has a sister (to OWASP) website which contains additional documentation, downloads and O2-related blogs:

Try O2!

Download the latest version of the Binaries, Installers or Source Code (from Files (Binaries, Source and Demos))

Or can install the most commonly used O2 Modulesdirectly from the web (using Click Once) at

For demos try these

Code Repository and Bug Tracking System

O2 uses Google Code for its core repository and bugtracking system:

go back to the main OWASP O2 Platform page