This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Projects/OWASP Web Browser Testing System Project

Jump to: navigation, search
What does this OWASP project offer you?
What releases are available for this project?
what is this project?
Name: OWASP Web Browser Testing System Project (home page)
Purpose: WBTS was built to quickly automate and test various browser and user-agents for security issues. It contains all the necessary services required for testing a browser. The following services are included: DNS, HTTP(S), Logging Services and support for VirtualHosts.
License: GNU General Public License v3
who is working on this project?
Project Leader(s):
  • Isaac Dawson @
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Main links:
Key Contacts
  • Contact Isaac Dawson @ to contribute to this project
  • Contact Isaac Dawson @ to review or sponsor this project
current release
WBTS 1.0 - N/A - (download)
Release description: Currently WBTS is being re-written see: to track it's progress!

WBTS-beta has been used to help researchers find the following bugs:
1. Ability to read cross domain image data using toDataURL and getImageData via createPattern
1. Cross-domain checks may be bypassed, allowing limited data theft using CSS
1. Waiting for update on CSS Bug...
2. Waiting for update on Header Injection Bug...
3. Waiting for update Same Origin Policy Bypass Bug...

The previous (beta) release license was GNUv3, this has been changed to MIT for the next release.
If you wish to download the BETA release you can get it here:

Rating: Yellow button.JPG Not Reviewed - Assessment Details
last reviewed release
Not Yet Reviewed

other releases