This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP OWTF

From OWASP
Jump to: navigation, search
Flagship big.jpg
Review this project
OWTFLogo.png

OWTF aims to make pen testing:

  • Aligned with OWASP Testing Guide + PTES + NIST
  • More efficient
  • More comprehensive
  • More creative and fun (minimise un-creative work)

so that pentesters will have more time to

  • See the big picture and think out of the box
  • More efficiently find, verify and combine vulnerabilities
  • Have time to investigate complex vulnerabilities like business logic/architectural flaws or virtual hosting sessions
  • Perform more tactical/targeted fuzzing on seemingly risky areas
  • Demonstrate true impact despite the short timeframes we are typically given to test.

The latest version of OWASP OWTF is OWTF 2.3b "MacinOWTF".

Project Leaders

Links


OWTF is taking part in the Google Summer of Code 2018 ! If you'd like to participate then see the OWASP Google Summer of Code 2018 Ideas page!

ToolsWatch Annual Best Free/Open Source Security Tool Survey:

Presentation and talks

The following links provide access to materials for OWTF talks (video, slides, etc.):

OWTF Talks at 7-a.org

You can see what OWASP OWTF is all about in the following video:
OWASP OWTF 1.0 "Lionheart" - Brucon 2014 5x5:
OWASP AppSec EU 2013: Introducing OWASP OWTF 5x5:

For more videos please see the YouTube channel

Licensing

LICENSE

Openhub

https://www.openhub.net/p/owasp-owtf

Classifications

Flagship projects.jpg
Cc-button-y-sa-small.png

Quick Download

Email List

Sign Up

News and Events

In Print