This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Talk:Project Reviews Guideline
From OWASP
Please add your comments and concerns regarding the current Project Review Guidelines:
Discussion
5/21/2016 Nikola Milosevic SeraphimDroid comments, reported by Larry Conklin via email.
- Project self-assessment form does not take into consideration, lab and flagship levels.
- Wiki website is not easy to navigate for project information.
- Projects need more emphasis on main OWASP wiki page.
- Old outdated forms and new current forms are found with Goggle search with no indication of which forms are deprecated.
- Questions if money is being allocated with correct percentage of OWASP total revenue to projects.
5/24/2016 Larry Conklin
Proposed first stab of a Project DashBoard This was created by running a program that outputs a mediawiki table that can be inserted into a wiki page.
Repository Owner | Repository Name | Description | Lanuage | Open Issues Count | Last Activity Date | Commit Last Date | Commit Author |
---|---|---|---|---|---|---|---|
OWASP | AppSec-Browser-Bundle | The OWASP AppSec Browser Bundle is an open source Linux based penetration testing browser bundle built over Mozilla Firefox. It comes pre-configured with security tools for spidering, advanced web searching, fingerprinting, anonymous browsing, web server scanning, fuzzing, report generating and more. | JavaScript | 0 | 3/23/2016 3:25 PM | 1/1/0001 12:00 AM | |
OWASP | AppSensor-Handbook | OWASP AppSensor Handbook | 1 | 11/5/2014 4:18 PM | 1/1/0001 12:00 AM | ||
OWASP | ASVS | Application Security Verification Standard | 24 | 5/25/2016 8:02 AM | 1/1/0001 12:00 AM | ||
OWASP | Benchmark | The OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. As it is written in Java, it supports Java Static Analysis Security Testing Tools (SAST). It’s also a fully runnable web application, so it supports Dynamic Analysis Security Testing Tools (DAST), like OWASP ZAP, and Interactive Analysis Security Testing Tools (IAST) that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page. | Java | 3 | 5/20/2016 5:42 AM | 1/1/0001 12:00 AM | |
OWASP | CodeReviewGuide | Repository for OWASP Code Review document | 4 | 5/23/2016 5:25 PM | 1/1/0001 12:00 AM | ||
OWASP | Cuiaba | OWASP Cuiaba, Brazil. A brilliant idea to have the entire chapter and their projects in github! Go Brazil! | CSS | 0 | 11/20/2014 8:44 PM | 1/1/0001 12:00 AM | |
OWASP | dev-pages | Developer Focused OWASP Pages | 0 | 12/2/2015 5:49 AM | 1/1/0001 12:00 AM | ||
OWASP | DevGuide | The OWASP Guide | 10 | 5/24/2016 4:09 PM | 1/1/0001 12:00 AM | ||
OWASP | DotNet_ANSA | .NET ASP.NET Security Analyser - Consolidation of multiple ASP.NET OWASP tools | ASP | 1 | 3/22/2016 5:38 PM | 1/1/0001 12:00 AM | |
OWASP | Droid-10-Project | 0 | 3/22/2016 5:28 PM | 1/1/0001 12:00 AM | |||
OWASP | EJSF | Development of security framework based on Owasp Esapi for JSF2.0 | Java | 1 | 11/20/2014 8:44 PM | 1/1/0001 12:00 AM | |
OWASP | HTML5SlideTemplates | HTML 5 slide templates for OWASP presentations (beta) | 1 | 3/22/2016 6:49 PM | 1/1/0001 12:00 AM | ||
OWASP | java-html-sanitizer | A fast and easy to configure HTML Sanitizer written in Java which lets you include HTML authored by third-parties in your web application while protecting against XSS. | Java | 12 | 5/26/2016 7:55 AM | 1/1/0001 12:00 AM | |
OWASP | json-sanitizer | Automatically exported from code.google.com/p/json-sanitizer | Java | 1 | 3/14/2016 1:32 PM | 1/1/0001 12:00 AM | |
OWASP | KBAPM | 0 | 3/22/2016 5:33 PM | 1/1/0001 12:00 AM | |||
OWASP | NINJA-PingU | Python | 0 | 5/6/2016 6:07 PM | 1/1/0001 12:00 AM | ||
OWASP | NodeGoat | The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them. | HTML | 10 | 5/25/2016 5:50 PM | 1/1/0001 12:00 AM | |
OWASP | O-Saft | O-Saft - OWASP SSL audit for testers | Perl | 13 | 5/18/2016 11:02 AM | 1/1/0001 12:00 AM | |
OWASP | open-swamp | SWAMP open source | JavaScript | 0 | 3/22/2016 5:25 PM | 1/1/0001 12:00 AM | |
OWASP | opensamm | XSLT | 1 | 4/18/2016 9:10 PM | 1/1/0001 12:00 AM | ||
OWASP | opensammbenchmark | Documents and code relating to the OpenSAMM benchmarking efforts | 0 | 3/22/2016 5:24 PM | 1/1/0001 12:00 AM | ||
OWASP | OWASP-EnDe | EnDe is a collection of tools (built-in in the browser) for data encoding/decoding and conversion. | 0 | 3/22/2016 6:54 PM | 1/1/0001 12:00 AM | ||
OWASP | owasp-esapi-php | Automatically exported from code.google.com/p/owasp-esapi-php | PHP | 19 | 7/13/2015 11:33 PM | 1/1/0001 12:00 AM | |
OWASP | owasp-esapi-ruby | The Owasp Esapi Ruby is a port for outstanding release quality Owasp Esapi project to the Ruby programming language. The idea is to build a Ruby gem (the standard ruby library archive format) containing the Esapi concepts implemented in Ruby classes so people using Ruby in their Rails application can have security into them. | Ruby | 0 | 11/20/2014 8:45 PM | 1/1/0001 12:00 AM | |
OWASP | OWASP-GoatDroid-Project | OWASP GoatDroid is a fully functional and self-contained training environment for educating developers and testers on Android security. GoatDroid requires minimal dependencies and is ideal for both Android beginners as well as more advanced users. The project currently includes two applications: FourGoats, a location-based social network, and Herd Financial, a mobile banking application. There are also several feature that greatly simplify usage within a training environment or for absolute beginners who want a good introduction to working with the Android platform. Download the built version here: https://github.com/jackMannino/OWASP-GoatDroid-Project/downloads | Java | 0 | 9/8/2015 10:43 PM | 1/1/0001 12:00 AM | |
OWASP | owasp-java-encoder | The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting! | Java | 1 | 5/10/2016 8:05 PM | 1/1/0001 12:00 AM | |
OWASP | owasp-java-validator | Java | 0 | 5/19/2016 2:06 PM | 1/1/0001 12:00 AM | ||
OWASP | owasp-orizon | The Owasp Orizon Project is an open source tool to perform some static analysis over a source codebase. It's is focused over security and it supports multiple programming languages. | Java | 0 | 11/20/2014 8:46 PM | 1/1/0001 12:00 AM | |
OWASP | OWASP-Project-Metrics | OWASP Project Metrics | 12 | 3/22/2016 5:32 PM | 1/1/0001 12:00 AM | ||
OWASP | OWASP-Proxy | Owasp Proxy | Java | 2 | 5/10/2016 2:21 AM | 1/1/0001 12:00 AM | |
SpiderLabs | owasp-modsecurity-crs | OWASP ModSecurity Core Rule Set (CRS) Project (Official Repository) | 74 | 5/27/2016 7:34 PM | 1/1/0001 12:00 AM | ||
esheri3 | OWASP-CSRFGuard | OWASP CSRFGuard is a library that implements a variant of the synchronizer token pattern to mitigate the risk of Cross-Site Request Forgery (CSRF) attacks. | 36 | 5/23/2016 7:13 AM | 1/1/0001 12:00 AM | ||
Ali-Razmjoo | OWASP-ZSC | OWASP ZSC - Shellcode/Obfuscate Code Generator | 6 | 5/23/2016 6:46 PM | 1/1/0001 12:00 AM | ||
ebranca | owasp-pysec | OWASP Python Security Project | 8 | 5/19/2016 10:14 AM | 1/1/0001 12:00 AM | ||
nikolamilosevic86 | owasp-seraphimdroid | OWASP Seraphimdroid is an open source project with aim to create, as a community, an open platform for education and protection of Android users against privacy and security threats. | 13 | 5/20/2016 3:37 PM | 1/1/0001 12:00 AM | ||
zaproxy | zaproxy | The OWASP ZAP core project | 464 | 5/29/2016 6:51 AM | 1/1/0001 12:00 AM | ||
MJCallahanPage | OWASP | OWASP Presentations | 0 | 3/7/2016 3:46 PM | 1/1/0001 12:00 AM | ||
jerryhoff | WebGoat.NET | OWASP WebGoat.NET | 4 | 3/29/2016 9:31 PM | 1/1/0001 12:00 AM | ||
zaproxy | zap-extensions | OWASP ZAP Add-ons | 9 | 5/27/2016 7:09 PM | 1/1/0001 12:00 AM | ||
mtesauro | owasp-wte | Home of the developement for OWASP WTE - the Web Testing Environment, a collection of pre-packaged Linux AppSec tools, apps and documentation used to create pre-configured VMs or installed ala carte in the Linux of your choice.. | 0 | 5/22/2016 2:50 AM | 1/1/0001 12:00 AM | ||
tanprathan | OWASP-Testing-Checklist | OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and pending test cases. | 0 | 5/28/2016 1:00 PM | 1/1/0001 12:00 AM | ||
rsrdesarrollo | joomscan-owasp | Forked from joomscan-owasp at 26/02/2015 to add new functionality | 0 | 4/19/2016 7:21 PM | 1/1/0001 12:00 AM | ||
nowsecure | owasp-password-strength-test | OWASP Password Strength Test for Node.js | 7 | 5/10/2016 5:56 PM | 1/1/0001 12:00 AM | ||
ajinabraham | OWASP-Xenotix-XSS-Exploit-Framework | OWASP Xenotix XSS Exploit Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework. | 7 | 5/21/2016 5:43 PM | 1/1/0001 12:00 AM | ||
NoMan2000 | owaspsecuritywithphp | Shows how to prevent attacks and security features with the OWASP top ten as a guide for Tuts+ | 0 | 5/23/2016 3:48 PM | 1/1/0001 12:00 AM | ||
gobinathm | owasp | OWASP is an open-source web application security project.This is a helper module, to avoid top 10 owasp security issues | 0 | 10/19/2013 6:45 PM | 1/1/0001 12:00 AM | ||
medhaavip | Owasp | Csrf | 0 | 6/20/2013 4:08 PM | 1/1/0001 12:00 AM | ||
hakanson | ng-owasp | ng-owasp: OWASP Top 10 for AngularJS Applications | 0 | 5/24/2016 1:10 PM | 1/1/0001 12:00 AM | ||
dibsy | OWASP_Droid10 | OWASP Droid10 is an opensource handheld system based (android) web application pen testing tool. It can scan for web application vulnerability from any android device.Some features can be customized according to testers need. | 0 | 4/7/2016 4:35 PM | 1/1/0001 12:00 AM | ||
vpereira | owasp_zap | access zap proxy api using ruby | 5 | 4/28/2016 12:21 AM | 1/1/0001 12:00 AM | ||
cmluciano | bywaf-owasp | Alfa release | 0 | 5/12/2014 10:12 PM | 1/1/0001 12:00 AM | ||
johnwilander | owasp-1-liner | A deliberately vulnerable Java- and JavaScript-based chat application intended for demos and training in application security. | 0 | 5/3/2015 9:55 PM | 1/1/0001 12:00 AM | ||
shenril | owasp-asvs-checklist | OWASP ASVS checklist for audits | 0 | 4/4/2016 1:00 AM | 1/1/0001 12:00 AM | ||
jeremylong | DependencyCheck | OWASP dependency-check is a utility that detects publicly disclosed vulnerabilities in application dependencies. | 36 | 5/29/2016 10:27 AM | 1/1/0001 12:00 AM | ||
owaspjocur | OwaspPciToolkit | PCI-DSS toolkit to help scope web applications | 0 | 4/18/2016 2:37 PM | 1/1/0001 12:00 AM | ||
rezasp | vbscan | OWASP VBScan is a Black Box vBulletin Vulnerability Scanner | 0 | 5/28/2016 5:05 PM | 1/1/0001 12:00 AM | ||
owtf | owtf | OWASP OWTF, the Offensive (Web) Testing Framework, is an OWASP+PTES-focused try to unite great tools and make pen testing more efficient, written mostly in Python @owtfp http://owtf.org | 47 | 5/28/2016 6:34 PM | 1/1/0001 12:00 AM | ||
zaproxy | zap-core-help | The help files for the OWASP ZAP core | 2 | 5/28/2016 8:05 PM | 1/1/0001 12:00 AM | ||
colezlaw | owasp-php-iv | OWASP PHP Input Validation Library | 0 | 11/10/2014 7:17 PM | 1/1/0001 12:00 AM | ||
ibuildingsnl | owasp-asvs | Canonical source data for OWASP ASVS | 0 | 3/10/2016 9:58 AM | 1/1/0001 12:00 AM | ||
SpiderLabs | owasp-distributed-web-honeypots | Repository for the OWASP/WASC Distributed Web Honeypots Project - | 0 | 3/19/2016 2:51 PM | 1/1/0001 12:00 AM | ||
javabeanz | owasp-security-logging | OWASP Security Logging library for Java | 4 | 5/15/2016 8:14 PM | 1/1/0001 12:00 AM | ||
ESAPI | owasp-esapi-js | Automatically exported from code.google.com/p/owasp-esapi-js | 20 | 5/25/2016 5:43 AM | 1/1/0001 12:00 AM | ||
rwinch | spring-jackson-owasp | 0 | 4/7/2016 10:37 AM | 1/1/0001 12:00 AM | |||
continuumsecurity | zap-webdriver | Example security tests using Selenium WebDriver and OWASP ZAP | 2 | 5/10/2016 7:17 AM | 1/1/0001 12:00 AM | ||
c-a-m | passfault | OWASP Passfault evaluates passwords and enforces password policy in a completely different way. | 19 | 5/26/2016 8:06 AM | 1/1/0001 12:00 AM | ||
stevespringett | dependency-check-sonar-plugin | Integrates OWASP Dependency-Check reports into SonarQube | 1 | 5/27/2016 11:03 AM | 1/1/0001 12:00 AM | ||
alienwithin | OWASP-mth3l3m3nt-framework | OWASP Mth3l3m3nt Framework is a penetration testing aiding tool and exploitation framework. It fosters a principle of attack the web using the web as well as pentest on the go through its responsive interface. | 0 | 5/23/2016 4:47 PM | 1/1/0001 12:00 AM | ||
raesene | OWASP_Web_App_Testing_Cheatsheet_Converter | OWASP Web Application Testing Cheat Sheet converted to tool formats | 0 | 3/8/2016 5:38 PM | 1/1/0001 12:00 AM | ||
kennel209 | owasp-testing-guide-v4-gitbook | Just A GITBOOK Ver of WIKI, translating to CHINESE | 0 | 4/21/2016 4:47 AM | 1/1/0001 12:00 AM | ||
TeamMentor | OWASP_Library | TeamMentor OWASP Library | 1 | 1/28/2014 2:35 PM | 1/1/0001 12:00 AM | ||
rapPayne | WebGoat.Net | OWASP's official repository for WebGoat (ASP.NET version) | 0 | 4/4/2016 11:18 PM | 1/1/0001 12:00 AM | ||
microcosm-cc | bluemonday | bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS | 0 | 5/28/2016 12:53 PM | 1/1/0001 12:00 AM | ||
darrensapalo | owasp-jsp | OWASP from A1-A10 on Java | 0 | 3/16/2015 3:08 AM | 1/1/0001 12:00 AM | ||
pwntester | OWASP-GoatDroid-Dolphis | OWASP GoatDroid Exploit Apps | 0 | 7/12/2015 12:17 PM | 1/1/0001 12:00 AM | ||
relaxnow | owasp-asvs-report-generator | Ibuildings OWASP ASVS Report Generator | 0 | 12/4/2015 3:09 PM | 1/1/0001 12:00 AM | ||
GDSSecurity | GWT-Penetration-Testing-Toolset | A set of tools made to assist in penetration testing GWT applications. Additional details about these tools can be found on my OWASP Appsec DC slides available here: http://www.owasp.org/images/7/77/Attacking_Google_Web_Toolkit.ppt | 6 | 5/19/2016 3:39 AM | 1/1/0001 12:00 AM | ||
andresriancho | owaspantisamy | Automatically exported from code.google.com/p/owaspantisamy | 66 | 5/12/2016 2:28 AM | 1/1/0001 12:00 AM | ||
damonmiller | esapi4cf | OWASP Enterprise Security API (ESAPI) for ColdFusion/CFML Project | 15 | 2/21/2016 10:58 PM | 1/1/0001 12:00 AM | ||
ESAPI | esapi-java-legacy | ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications. | 151 | 5/28/2016 4:55 PM | 1/1/0001 12:00 AM | ||
zaproxy | zaproxy-test | OWASP ZAP test code | 0 | 10/31/2015 10:02 PM | 1/1/0001 12:00 AM | ||
NoobieDog | Dir-Xcan | Python version of OWASP's DirBuster Application. | 1 | 1/23/2016 6:07 PM | 1/1/0001 12:00 AM | ||
mpirnat | lets-be-bad-guys | A deliberately-vulnerable website and exercises for teaching about the OWASP Top 10 | 0 | 5/29/2016 1:33 PM | 1/1/0001 12:00 AM | ||
islamoc | odz | OWASP ODZ CMS Scanner | 1 | 2/19/2015 10:21 PM | 1/1/0001 12:00 AM | ||
AshleyPoole | OWASP-2013-Demo | This website demonstrates OWASP's top 10 vulnerabilities | 7 | 7/29/2015 12:36 PM | 1/1/0001 12:00 AM | ||
hankbao | owasp-igoat | The OWASP iGoat project, mirrored from http://code.google.com/p/owasp-igoat/ | 0 | 2/26/2016 5:14 AM | 1/1/0001 12:00 AM | ||
shauvik | OWASP-CTF | 0 | 4/5/2016 5:00 PM | 1/1/0001 12:00 AM | |||
thatcoderguy | OWASP-Faux-Bank-ClassicASP | A proof of concept project that demonstrates oWASP.org's top 10 web vulnerabilities | 0 | 5/19/2016 2:08 AM | 1/1/0001 12:00 AM | ||
mike-goodwin | owasp-threat-dragon | An open source, online threat modelling tool from OWASP | 0 | 5/14/2016 8:05 PM | 1/1/0001 12:00 AM | ||
ethicalhack3r | owasp-asvs-markdown | OWASP ASVS 3.0 in Markdown | 0 | 2/26/2016 1:45 PM | 1/1/0001 12:00 AM | ||
DhirajOnGitHub | OWASP_KALP_Mobile_Project | OWASP KALP Mobile Project is an android application developed for users to view OWASP Top 10 (WEB and MOBILE) on mobile devices. | 0 | 8/14/2015 12:11 AM | 1/1/0001 12:00 AM | ||
koto | owasp-malicious-javascript | Materials for OWASP presentation on malicious JavaScript | 0 | 6/5/2015 12:06 AM | 1/1/0001 12:00 AM | ||
zostay | owasp-esapi-perl | OWASP Enterprise Security API for Perl | 0 | 9/8/2014 11:13 PM | 1/1/0001 12:00 AM | ||
ss23 | owasp-2013 | Hopefully a set of labs/code/exercises for the owasp top 10 2013 list | 0 | 5/10/2014 4:42 AM | 1/1/0001 12:00 AM | ||
chuckfw | owaspbwa | OWASP Broken Web Applications Project | 19 | 5/9/2016 7:01 AM | 1/1/0001 12:00 AM | ||
lixuekaibit | OWASP_Scanner | a software to scan your websites' OWASP flaw | 0 | 11/11/2014 8:48 AM | 1/1/0001 12:00 AM | ||
continuumsecurity | zap-java-api | A client API for OWASP ZAP that uses Java types. | 2 | 5/22/2016 12:28 PM | 1/1/0001 12:00 AM | ||
stevespringett | zap-sonar-plugin | Integrates OWASP Zed Attack Proxy reports into SonarQube | 0 | 5/18/2016 11:56 PM | 1/1/0001 12:00 AM | ||
csanders-git | owasp-crs-regressions | 4 | 3/14/2016 3:55 PM | 1/1/0001 12:00 AM | |||
yukisov | php-owasp-zap-v2 | PHP client API for OWASP ZAP 2 | 0 | 5/24/2016 2:58 PM | 1/1/0001 12:00 AM | ||
adedayo | zapper | Run OWASP ZAP in Jenkins for automated security assessment | 0 | 4/23/2016 1:22 AM | 1/1/0001 12:00 AM | ||
zaproxy | zap-api-dotnet | OWASP ZAP Dot NET API | 0 | 5/23/2016 1:31 PM | 1/1/0001 12:00 AM | ||
BartJolling | owasp4net | Demonstration of OWASP top 10 vulnerabilities in ASP.NET MVC | 0 | 3/23/2016 2:15 AM | 1/1/0001 12:00 AM | ||
Crydust | owasp-esapi-onlyencryptedproperties | A fork of owasp-esapi-java that only contains the necessary code and dependencies to use encryptedproperties. | 0 | 2/24/2014 1:58 PM | 1/1/0001 12:00 AM | ||
Jing-Xie | owasp-aside | Application Security in Integrated Development Environment | 0 | 11/15/2013 8:29 PM | 1/1/0001 12:00 AM | ||
ghorbanzadeh | OWAAT | OWASP ASVS Assessment Tool | 2 | 1/27/2016 11:23 AM | 1/1/0001 12:00 AM | ||
davehunt | pytest-zap | OWASP Zed Attack Proxy plugin for py.test | 0 | 4/23/2016 1:16 AM | 1/1/0001 12:00 AM | ||
citizen-stig | dockermutillidae | Docker container for OWASP Mutillidae II Web Pen-Test Practice Application | 0 | 4/29/2016 8:40 PM | 1/1/0001 12:00 AM | ||
kxopa | owaspcsrftester | Automatically exported from code.google.com/p/owaspcsrftester | 1 | 7/20/2015 9:32 PM | 1/1/0001 12:00 AM | ||
ovaldez9497 | owaspctf | Automatically exported from code.google.com/p/owaspctf | 0 | 3/4/2016 8:54 PM | 1/1/0001 12:00 AM | ||
candrawaskito | owasplab | Website simulasi untuk belajar hacking based OWASP | 0 | 11/17/2015 5:32 AM | 1/1/0001 12:00 AM | ||
alienxxx | owaspka | OWASP Karlsruhe Round Table 14 | 0 | 10/4/2014 8:22 AM | 1/1/0001 12:00 AM | ||
shootdatarget | owaspbricks | Automatically exported from code.google.com/p/owaspbricks | 1 | 3/27/2015 10:51 AM | 1/1/0001 12:00 AM | ||
margvall | owaspdocs | 0 | 2/11/2014 5:39 AM | 1/1/0001 12:00 AM | |||
wargames-cookbooks | bricks | OWASP Bricks chef cookbook | 0 | 2/16/2015 9:49 PM | 1/1/0001 12:00 AM | ||
zhanjindong | security-demo | OWASP TOP10&ESAPI DEMO | 0 | 3/13/2016 9:23 AM | 1/1/0001 12:00 AM | ||
arjunv | WebXploiter | WebXploiter - An OWASP Top 10 Security scanner ! | 0 | 3/23/2016 7:37 PM | 1/1/0001 12:00 AM | ||
trietptm | SQL-Injection-Payloads | SQL Injection Payloads for Burp Suite, OWASP Zed Attack Proxy,... | 0 | 5/18/2016 6:04 AM | 1/1/0001 12:00 AM | ||
injcristianrojas | owasp-zap-cookbook | OWASP ZAP Proxy cookbook | 0 | 4/27/2015 3:57 PM | 1/1/0001 12:00 AM | ||
zostay | owasp-top10-perl | Web Application Security - Good and bad examples in Perl | 0 | 5/1/2016 8:50 PM | 1/1/0001 12:00 AM | ||
BuddhaLabs | OWASP_ZAP-OSX | NON OFFICIAL - OWAS ZAP OSX Installer | 1 | 6/17/2015 8:51 AM | 1/1/0001 12:00 AM | ||
SecurityInnovation | OWASP-TeamMentor-Library | 0 | 10/20/2013 6:48 PM | 1/1/0001 12:00 AM | |||
lueinfoservices | OWASPBase | 0 | 4/27/2015 4:46 PM | 1/1/0001 12:00 AM | |||
ssssmmmm | owaspdotnet | 0 | 8/31/2015 6:39 PM | 1/1/0001 12:00 AM | |||
blowdart | OWASPDemos | OWASP Talk Demos | 0 | 9/15/2015 2:32 PM | 1/1/0001 12:00 AM | ||
JPCERTCC | OWASPdocuments | Japanese translation of OWASP documents | 0 | 5/15/2016 5:26 AM | 1/1/0001 12:00 AM | ||
eoftedal | SafeNuGet | This repo has been moved to https://github.com/OWASP/SafeNuGet | 0 | 12/31/2013 12:46 PM | 1/1/0001 12:00 AM | ||
PROSPricing | zap-gradle-plugin | Standalone gradle plugin to aid in integrating OWASP ZAP (security analysis tool) | 1 | 10/23/2015 3:05 PM | 1/1/0001 12:00 AM | ||
pdsoftplan | zap-maven-plugin | OWASP Zed Attack Proxy (ZAP) Maven plugin | 0 | 5/17/2016 12:34 PM | 1/1/0001 12:00 AM | ||
kost | owasp-favicon-crawl | OWASP favicon crawl scripts | 0 | 9/8/2014 8:45 PM | 1/1/0001 12:00 AM | ||
lighthouse-labs | owasp-top-10-examples | Examples demonstrating some common web application vulnerabilities. | 0 | 12/16/2015 7:50 AM | 1/1/0001 12:00 AM | ||
kohsuke | owasp-java-html-sanitizer | Maven packaging of OWASP Java HTML sanitizer | 1 | 11/8/2015 5:55 PM | 1/1/0001 12:00 AM | ||
aawilson | owasptop10 | A simple web app demonstrating OWASP top 10 vulnerabilities | 0 | 3/6/2015 2:57 AM | 1/1/0001 12:00 AM | ||
jrcode | OWASPv4 | Directory Structure OWASP Testing Guide V4 | 0 | 9/18/2014 10:23 PM | 1/1/0001 12:00 AM | ||
pdsoftplan | sonar-zap | Feed SonarQube with OWASP Zed Attack Proxy (ZAP) reports | 1 | 5/2/2016 11:29 AM | 1/1/0001 12:00 AM | ||
zaproxy | zap-api-java | OWASP ZAP Java API | 0 | 5/23/2016 1:27 PM | 1/1/0001 12:00 AM | ||
DhirajOnGitHub | OWASPMobileApp | View and Share OWASPTop10 for Mobile/ Web an Android Application for Android Users. | 0 | 6/20/2015 8:21 AM | 1/1/0001 12:00 AM | ||
rupesh-trigyn | OWASPTOP10 | 0 | 11/26/2015 6:03 AM | 1/1/0001 12:00 AM | |||
kennel209 | webgoat-walkthrough-cn | OWASP WebGoat 中文攻略 | 0 | 11/14/2014 11:13 AM | 1/1/0001 12:00 AM | ||
theratpack | grails-zap-security-tests-plugin | Grails plugin to run security tests using the OWASP's Zed Attack Proxy | 4 | 3/9/2016 8:03 PM | 1/1/0001 12:00 AM | ||
CCSIR | WP-Plugins-Scanner | Wordpress Plugins Scanner it's a semi-automatic white box pentesting/crawler app for WP plugins using RIPS from OWASP. | 1 | 12/2/2015 12:38 AM | 1/1/0001 12:00 AM | ||
parrot55 | zap-plugin | Plugin for displaying OWASP Zed Attack Proxy alerts into Jenkins CI | 1 | 9/29/2014 9:30 AM | 1/1/0001 12:00 AM | ||
wargames-cookbooks | vicnum | OWASP Vicnum chef cookbook | 0 | 2/17/2015 10:21 PM | 1/1/0001 12:00 AM | ||
kpachhai | SnowFROC_CTF_2013_Exercises | Boulder OWASP 2013 CTF Exercises | 0 | 7/23/2015 4:30 PM | 1/1/0001 12:00 AM | ||
zaproxy | zap-api-python | OWASP ZAP Python API | 3 | 5/26/2016 9:24 AM | 1/1/0001 12:00 AM | ||
ingresssec | owasp-scan | OWASP Test Version 3 Scanner | 0 | 9/9/2014 6:31 AM | 1/1/0001 12:00 AM | ||
TeamMentor-OWASP | Library_OWASP | TeamMentor Library with OWASP Top 10 Articles ( CC Licensed) | 0 | 4/6/2014 6:04 PM | 1/1/0001 12:00 AM | ||
jonpasski | owasp-testcases | Test cases for various OWASP projects | 0 | 2/7/2014 7:30 AM | 1/1/0001 12:00 AM | ||
DanFiedler | owasp-std | OWASP Security Tools for Developers | 0 | 12/9/2014 8:30 PM | 1/1/0001 12:00 AM | ||
MarioFGC | Owasp.Passwords | Passwords Project OWASP Conference August 2011 | 0 | 11/8/2013 11:16 PM | 1/1/0001 12:00 AM | ||
MarioFGC | Owasp.SQL | Owasp Conference SQL Injection Code | 0 | 11/11/2014 3:15 AM | 1/1/0001 12:00 AM | ||
ricardodiasc | owasp-stf | 0 | 7/25/2014 12:35 PM | 1/1/0001 12:00 AM | |||
adam139 | owasp.policy | a plone stie policy for owasp project | 0 | 2/4/2015 12:52 PM | 1/1/0001 12:00 AM | ||
skyleronken | owasp-act | OWASP AJAX Crawling Tool | 0 | 6/22/2015 7:20 PM | 1/1/0001 12:00 AM | ||
TomStageDK | OWASP-DEF | OWASP DEF (Data Exchange Format) | 0 | 6/17/2014 9:58 AM | 1/1/0001 12:00 AM | ||
cyrilj22 | owasp-hacmebank | Automatically exported from code.google.com/p/owasp-hacmebank | 0 | 8/7/2015 4:51 AM | 1/1/0001 12:00 AM | ||
subhendugiri | owasp_vulnerability | OWASP Vulnerability for Drupal | 0 | 8/24/2015 9:28 AM | 1/1/0001 12:00 AM | ||
marylinh | owasp-research | Research Portal OWASP | 0 | 9/22/2015 11:06 PM | 1/1/0001 12:00 AM | ||
adedayo | owasp-zaproxy | 0 | 5/5/2015 1:15 AM | 1/1/0001 12:00 AM | |||
arian-x | TS_OWASP | a full js developed website showing and giving information about owasp top ten attack | 0 | 10/25/2015 6:19 AM | 1/1/0001 12:00 AM | ||
BeckerMax | SSE_OWASP | 0 | 10/29/2015 12:42 PM | 1/1/0001 12:00 AM | |||
richcar58 | owasp-java | Automatically exported from code.google.com/p/owasp-java | 2 | 2/1/2016 4:35 AM | 1/1/0001 12:00 AM | ||
hackertron | OWASP_DEMO | just a bunch of vulnerable web pages for demo | 0 | 3/25/2016 12:10 PM | 1/1/0001 12:00 AM | ||
gbreavin | owasp-top10-salesforce | Examples of OWASP Top 10 vulnerabilities in Salesforce | 0 | 3/8/2016 1:32 PM | 1/1/0001 12:00 AM | ||
caohhung | OWASP-zap | 0 | 4/14/2016 9:33 AM | 1/1/0001 12:00 AM | |||
rimthong | owasp-multifacteurs | Démonstration d'auth multifacteurs | 0 | 10/25/2013 3:27 AM | 1/1/0001 12:00 AM | ||
rajatsaxena | gsoc_owasp | 0 | 6/16/2014 5:27 AM | 1/1/0001 12:00 AM | |||
bluescreen10 | owasp-workshop | Simple application full of vulnerabilities to practice OWASP Top 10 | 0 | 9/9/2014 5:18 AM | 1/1/0001 12:00 AM | ||
cmlh | OWASP_PCI | OWASP PCI Project | 0 | 12/12/2013 4:45 PM | 1/1/0001 12:00 AM | ||
bertonjulian | OWASP-Attacker | A simple website written in Node.js that is designed to be an attackers website that is able to list all incoming http requests. | 0 | 7/11/2014 8:32 AM | 1/1/0001 12:00 AM | ||
miss-sudo | owasp-broken | OWASP Vulnerable Web Application - Moar Disk Space | 0 | 8/31/2014 8:21 AM | 1/1/0001 12:00 AM | ||
GeeH | PHPNW-OWasp | Repository containing example code for PHP NW 2014 Talk | 0 | 7/5/2014 11:22 AM | 1/1/0001 12:00 AM | ||
cyberxml | django-owasp | OWASP Top Ten Demonstration Server | 0 | 8/13/2015 4:49 PM | 1/1/0001 12:00 AM | ||
Vietworm | OWASP_security | Demo nodejs security for article | 0 | 10/7/2015 4:45 PM | 1/1/0001 12:00 AM | ||
Logicworks | owasp-parser | Experimental script to parse OWASP mod_security rules and hopefully turn them into Amazon WAF rules | 0 | 4/4/2016 2:00 PM | 1/1/0001 12:00 AM | ||
TMContent | Lib_OWASP | 0 | 1/13/2013 3:52 AM | 1/1/0001 12:00 AM | |||
colezlaw | owasp-types | Real data types for parsing and validating input. | 0 | 3/29/2014 7:42 PM | 1/1/0001 12:00 AM | ||
silya1986 | owasp-zap | 0 | 11/12/2014 11:03 PM | 1/1/0001 12:00 AM | |||
ectechno | owasp-jenkins | 0 | 2/20/2015 3:51 PM | 1/1/0001 12:00 AM | |||
thiagosqr | owasp-thymeleaf | OWASP CSRFGuard 3 integration with Thymeleaf | 0 | 9/14/2015 1:14 PM | 1/1/0001 12:00 AM | ||
markieboy | OWASP_CTF | 0 | 1/27/2016 5:19 PM | 1/1/0001 12:00 AM | |||
philpursglove | OWASP.NET | 0 | 2/5/2016 4:24 PM | 1/1/0001 12:00 AM | |||
ibuildingsnl | owasp-aasvs | OWASP Annotated Application Verfication Standard | 1 | 3/16/2016 9:33 PM | 1/1/0001 12:00 AM | ||
10dot | codeburner-owasp | OWASP meetup presentation | 0 | 4/20/2016 7:06 PM | 1/1/0001 12:00 AM | ||
adnanmasood | webgoat.mvc | OWASP Top 10 Implemented in ASP.NET MVC | 1 | 3/15/2015 4:39 AM | 1/1/0001 12:00 AM | ||
nu11p0inter | PathTraverser | OWASP Path Traverser | 4 | 10/13/2015 3:10 PM | 1/1/0001 12:00 AM | ||
mozmark | OWASP-Louisville | 0 | 10/17/2013 5:45 AM | 1/1/0001 12:00 AM | |||
TheFIUBABoys | cripto-owasp | 0 | 5/17/2015 6:20 PM | 1/1/0001 12:00 AM | |||
michaelsrichter | azure.owasp | Guidance for securing your web applications with Microsoft Azure services | 0 | 1/12/2016 5:42 PM | 1/1/0001 12:00 AM | ||
Kembolle | OWASP-Cuiaba | OWASP Chapter Cuiabá | 0 | 11/1/2015 6:32 PM | 1/1/0001 12:00 AM | ||
addiittya2006 | owasp-educate | Knowledge Base Plugin API for Seraphimdroid | 4 | 5/8/2016 12:00 PM | 1/1/0001 12:00 AM | ||
debugthings | OWASPTop10Tampa | MVC Website that demonstrates a few OWASP vulnerabilities | 0 | 11/3/2014 5:17 AM | 1/1/0001 12:00 AM | ||
Voulnet | OWASPModSecIIS | OWASP Core Rule Set for ModSecurity on IIS | 0 | 3/25/2013 8:36 AM | 1/1/0001 12:00 AM | ||
47th | OwaspSanitizerNet | Port of owasp-java-html-sanitizer to .NET | 0 | 10/6/2013 6:08 PM | 1/1/0001 12:00 AM | ||
melozo | owaspSevilla-modsec | Repo para taller modsec de owaspSevilla | 0 | 3/10/2016 5:02 PM | 1/1/0001 12:00 AM | ||
gustavorhm | ZapPenTester | Command line tool that enables automated penetration testing in the Microsoft stack using OWASP ZAP | 0 | 10/8/2015 2:45 PM | 1/1/0001 12:00 AM | ||
cmattoon | cal9000 | OWASP CAL9000 | 0 | 6/23/2015 9:02 PM | 1/1/0001 12:00 AM | ||
rduman | OwaspTop10-2013 | 0 | 12/20/2013 11:48 AM | 1/1/0001 12:00 AM | |||
PhilDunphy | OWASPSecurityShepherdDoc | Location for storing documentation related to OWASP Shepherd | 0 | 10/15/2015 9:04 AM | 1/1/0001 12:00 AM | ||
sergioms | OwaspZapClient | 0 | 2/19/2016 11:25 PM | 1/1/0001 12:00 AM | |||
prateek147 | DVIA | Damn Vulnerable iOS App (DVIA) is an iOS application that is damn vulnerable. Its main goal is to provide a platform to mobile security enthusiasts/professionals or students to test their iOS penetration testing skills in a legal environment. This application covers all the common vulnerabilities found in iOS applications (following OWASP top 10 mobile risks) and contains several challenges that the user can try. This application also contains a section where a user can read various articles on iOS application security. This project is developed and maintained by @prateekg147. The vulnerabilities and solutions covered in this app are tested upto iOS 8.1 . | 5 | 5/10/2016 7:40 AM | 1/1/0001 12:00 AM | ||
jeremylong | dependency-check-jenkins | Jenkins plugin for the OWASP dependency-check. This can be used to monitor the java libraries used in an application and report if there are any known vulnerabilities (e.g. CVEs). | 0 | 5/23/2016 10:49 AM | 1/1/0001 12:00 AM | ||
klchia | webgoat | owasp webgoat | 0 | 4/21/2014 11:43 AM | 1/1/0001 12:00 AM | ||
michaelhidalgo | OWASP_O2 | OWASP O2 | 0 | 1/9/2013 6:56 AM | 1/1/0001 12:00 AM | ||
ysoftdevs | odc-analyzer | OWASP Dependency Check reports analyzer | 0 | 3/4/2016 4:08 PM | 1/1/0001 12:00 AM | ||
catmin | gwt-owasp10 | example code | 0 | 4/18/2014 12:54 AM | 1/1/0001 12:00 AM | ||
icodes | zap | owasp zap | 0 | 12/24/2014 12:08 PM | 1/1/0001 12:00 AM | ||
Abhi-M | getmantra | OWASP Mantra | 0 | 11/7/2014 3:36 PM | 1/1/0001 12:00 AM | ||
7a | owtf_demos | Repository to organise OWASP OWTF demos | 0 | 3/25/2014 1:05 PM | 1/1/0001 12:00 AM | ||
cweider | js-security | Encoding and decoding methods c/o OWASP | 2 | 10/21/2015 5:51 PM | 1/1/0001 12:00 AM | ||
cmlh | OWASP-Top-Ten-2010 | DEPRECATED, refer to https://github.com/cmlh/OWASP-Top-Ten-2013 instead | 0 | 5/19/2014 12:05 PM | 1/1/0001 12:00 AM | ||
Bhanudev | OWASP-Hackademic-Challenges | My development code for OWASP Hackademic Challenges | 0 | 6/12/2015 9:49 PM | 1/1/0001 12:00 AM | ||
DinisCruz | Book_Thoughts_OWASP | Content for 'Thoughts on OWASP' book published at LeanPub | 0 | 4/7/2014 1:56 AM | 1/1/0001 12:00 AM | ||
vjex | 2014-Owasp-top-10- | A new way to learn Owasp top 10 with Case Studies. | 0 | 8/25/2014 8:46 AM | 1/1/0001 12:00 AM | ||
mapiman | owasp-esapi-java | Automatically exported from code.google.com/p/owasp-esapi-java | 170 | 3/17/2015 2:16 PM | 1/1/0001 12:00 AM | ||
Varbin | owasp-esapi-python | Automatically exported from code.google.com/p/owasp-esapi-python | 1 | 8/4/2015 12:48 PM | 1/1/0001 12:00 AM | ||
guangyue | owasp-hackademic-challenges | Automatically exported from code.google.com/p/owasp-hackademic-challenges | 5 | 7/12/2015 6:31 AM | 1/1/0001 12:00 AM | ||
Gloden | owasp-esapi-dotnet | Automatically exported from code.google.com/p/owasp-esapi-dotnet | 3 | 9/21/2015 3:11 AM | 1/1/0001 12:00 AM | ||
CarineSAM | owasp-code-central | Automatically exported from code.google.com/p/owasp-code-central | 16 | 4/14/2015 8:20 AM | 1/1/0001 12:00 AM | ||
rpuch | test-owasp-maven-plugin | 0 | 4/3/2015 5:17 PM | 1/1/0001 12:00 AM | |||
ncarusso | OWASP_A2_Vulnerability | 0 | 10/18/2015 9:52 AM | 1/1/0001 12:00 AM | |||
docent-net | owasp-eee-2015 | Materials from my presentation during OWASP EEE 2015 | 0 | 10/6/2015 4:44 PM | 1/1/0001 12:00 AM | ||
jackyu1978 | owasp-esapi-cplusplus | Automatically exported from code.google.com/p/owasp-esapi-cplusplus | 8 | 10/8/2015 6:00 AM | 1/1/0001 12:00 AM | ||
conniden | owasp-esapi-classicasp | Automatically exported from code.google.com/p/owasp-esapi-classicasp | 0 | 2/22/2016 9:28 AM | 1/1/0001 12:00 AM | ||
welcomemandeep | owasp-java-fileio | Automatically exported from code.google.com/p/owasp-java-fileio | 0 | 2/15/2016 5:25 PM | 1/1/0001 12:00 AM | ||
5t0rm5had0w | OWASP-Security-Shepherd | 0 | 2/3/2016 11:06 AM | 1/1/0001 12:00 AM | |||
CtrlDot | OWASP-AppSensor-MVC5 | 0 | 12/26/2015 2:15 PM | 1/1/0001 12:00 AM | |||
keaneokelley | OWASP-aware-zone | Classic webapp vulnerability demonstration | 0 | 3/22/2016 7:14 PM | 1/1/0001 12:00 AM | ||
philippevidal80 | OWASP-2013-A2 | Présentation de la Violation de Gestion d'authentification et de Session. | 0 | 4/7/2016 2:26 PM | 1/1/0001 12:00 AM | ||
SpiderLabs | OWASP-CRS-Documentation | Documentation for the OWASP CRS project | 0 | 3/19/2016 2:44 PM | 1/1/0001 12:00 AM | ||
socmap | owasp-esapi-java-swingset | Automatically exported from code.google.com/p/owasp-esapi-java-swingset | 6 | 4/12/2016 3:26 PM | 1/1/0001 12:00 AM | ||
PDi-Communication-Systems-Inc | lollipop_external_owasp | fast and easy way to configure HTML Sanitizer -- protect against XSS | 0 | 3/24/2016 6:26 PM | 1/1/0001 12:00 AM | ||
mike-goodwin | owasp-threat-dragon-demo | Demo models for OWASP Threat Model | 0 | 4/18/2016 7:05 PM | 1/1/0001 12:00 AM | ||
deveaus | owasp-c_swd | 0 | 5/22/2016 9:51 PM | 1/1/0001 12:00 AM | |||
BuddhaLabs | OWASP_Mantra_Janus-OSX | OWASP Mantra Janus for OSX | 0 | 1/24/2014 7:50 PM | 1/1/0001 12:00 AM | ||
ShaneWhelan | Online-Store-OWASP-Secure | An online store developed with Enterprise JavaBeans that follows OWASP (https://www.owasp.org/index.php/Main_Page) security guidelines. | 0 | 5/8/2014 11:15 PM | 1/1/0001 12:00 AM | ||
beingArunkumar | OWASP-ClickMe | ClickMe will help you to create a test page for Click jacking vulnerability | 0 | 2/28/2015 6:47 PM | 1/1/0001 12:00 AM | ||
prafulagarwal | OWASP_Security_Catalyst | OWASP Security Catalyst project is a collection of dummy applications (fully secure and fully vulnerable versions) in various programming languages and platforms including .NET, JAVA, PHP, Android, iPhone, etc, demonstrating implementation of OWASP's secure design and development guidelines. | 0 | 7/14/2015 3:19 AM | 1/1/0001 12:00 AM | ||
CyanogenMod | android_external_owasp_sanitizer | 0 | 11/6/2014 5:48 AM | 1/1/0001 12:00 AM | |||
rajivvishwa | owasp-testing-checklist | Automatically exported from code.google.com/p/owasp-testing-checklist | 0 | 3/15/2015 2:57 AM | 1/1/0001 12:00 AM | ||
xin3liang | platform_external_owasp_sanitizer | mirror from https://android.googlesource.com/platform/external/owasp/sanitizer.git | 0 | 7/26/2014 1:29 PM | 1/1/0001 12:00 AM | ||
piscessignature | owasp-testing-checklist.img | Automatically exported from code.google.com/p/owasp-testing-checklist.img | 0 | 7/5/2015 6:09 AM | 1/1/0001 12:00 AM | ||
AlbanAndrieu | ansible-owasp-wte | Ansible role to install owasp-wte | 0 | 7/23/2015 1:54 PM | 1/1/0001 12:00 AM | ||
MIPS | external-owasp-sanitizer | 0 | 5/14/2015 3:08 AM | 1/1/0001 12:00 AM | |||
deusprogrammer | trinary-owasp-test | 0 | 6/22/2015 9:28 PM | 1/1/0001 12:00 AM | |||
jackyu1978 | owasp-esapi-c | Automatically exported from code.google.com/p/owasp-esapi-c | 1 | 8/26/2015 9:34 AM | 1/1/0001 12:00 AM | ||
scarletsec | owasp-esapi-swingset-interactive | Automatically exported from code.google.com/p/owasp-esapi-swingset-interactive | 0 | 5/15/2015 7:23 PM | 1/1/0001 12:00 AM | ||
davpetersonwellsfargo | owasp_developer_guide | owasp developer guide 2.0.1 | 0 | 1/19/2016 4:50 PM | 1/1/0001 12:00 AM | ||
The-Clairvoyant | OWASP-TOP-10-2013 | Study Materials & Tools of OWASP-TOP-10-2013 | 0 | 12/14/2015 12:36 PM | 1/1/0001 12:00 AM | ||
sandeepbhatt | owasp-jsp-testing-tool | Automatically exported from code.google.com/p/owasp-jsp-testing-tool | 1 | 2/11/2016 10:50 AM | 1/1/0001 12:00 AM | ||
enzerus | owasp_bwa_translation | bwaの翻訳 | 1 | 2/22/2016 7:59 PM | 1/1/0001 12:00 AM | ||
PentestBox | OWASP-Joomla-Vulnerability-Scanner | 0 | 3/10/2016 12:02 PM | 1/1/0001 12:00 AM | |||
DarkLighting | OWASP-ZAP-Scripts | 0 | 4/26/2016 10:43 PM | 1/1/0001 12:00 AM | |||
hackthem | drupal_owasp_top10 | 0 | 5/11/2016 7:55 AM | 1/1/0001 12:00 AM | |||
taogogo | OWASP-Top-10-Chinese | OWASP Top 10 Chinese中文版,OWASP Top 10 2013中文版 | 0 | 6/18/2014 2:53 AM | 1/1/0001 12:00 AM | ||
qtqyp | owasp-csrfGuard | 0 | 5/7/2013 7:53 AM | 1/1/0001 12:00 AM | |||
novogeek | OWASP_May2012 | 0 | 12/1/2013 2:52 AM | 1/1/0001 12:00 AM | |||
OWASP-Austin | austin.owasp.org | 0 | 1/13/2013 12:09 PM | 1/1/0001 12:00 AM | |||
mtesauro | legacy-owasp-wte | Direct import of the legacy source of OWASP WTE from Google Code for reference purposes only. | 0 | 10/3/2014 7:28 PM | 1/1/0001 12:00 AM | ||
SPoint42 | OWASP-SonarQube | Home of the OWASP SonarQube Project | 0 | 6/16/2014 1:10 PM | 1/1/0001 12:00 AM | ||
onewaypub | owasp-modsecurity-for-owncloud | changed and apdapted files for an owncloud installation | 0 | 7/12/2015 5:02 PM | 1/1/0001 12:00 AM | ||
androidaosp | platform-external-owasp-sanitizer | platform/external/owasp/sanitizer | 0 | 8/29/2015 4:54 AM | 1/1/0001 12:00 AM | ||
rambasnet | owasp-top-10 | Automatically exported from code.google.com/p/owasp-top-10 | 0 | 8/11/2015 5:53 PM | 1/1/0001 12:00 AM | ||
josteitv | owasp-top10-java | 0 | 5/20/2015 12:09 AM | 1/1/0001 12:00 AM | |||
subudeepak | owasp-esapi-objective-c | Automatically exported from code.google.com/p/owasp-esapi-objective-c | 0 | 4/10/2015 12:45 PM | 1/1/0001 12:00 AM | ||
udith6415 | owasp-security-shepherd | 0 | 2/1/2016 9:34 PM | 1/1/0001 12:00 AM | |||
Domahc | Owasp-security-Shepherd | 1 | 1/31/2016 3:04 PM | 1/1/0001 12:00 AM | |||
asim-jaweesh | OWASP-ByWaf | ByWaf is a web application penetration testing framework (WAPTF). It consists of a command-line interpreter and a set of plugins. | 0 | 1/31/2016 1:07 PM | 1/1/0001 12:00 AM | ||
Naseef-Ali | owasp-Security-Shepherd-solutions | 0 | 2/5/2016 10:11 AM | 1/1/0001 12:00 AM | |||
securitymagick | OWASP-top-10 | A look at finding and fixing the OWASP top 10 in the Damn Vulnerable Cute Cat Application | 0 | 2/8/2016 4:00 AM | 1/1/0001 12:00 AM | ||
sunzhuo1987 | owasp-java-waf | Automatically exported from code.google.com/p/owasp-java-waf | 1 | 12/25/2015 10:03 AM | 1/1/0001 12:00 AM | ||
nhantd | docker-owasp_zap | 0 | 4/12/2016 2:39 PM | 1/1/0001 12:00 AM | |||
abaculus | secure-coding-owasp-2016 | 0 | 5/23/2016 8:56 AM | 1/1/0001 12:00 AM | |||
blabla1337 | owasp-skf-chef | OWASP-SKF Chef Cookbook | 0 | 5/24/2016 12:10 PM | 1/1/0001 12:00 AM | ||
yukisov | php-api-generator-for-owasp-zap | PHP client API generator for OWASP ZAP | 0 | 5/25/2016 11:57 PM | 1/1/0001 12:00 AM | ||
elmarkrainz | OwaspTop10MobileRisks | Demo for mobile Security | 0 | 11/12/2015 4:29 PM | 1/1/0001 12:00 AM | ||
convisoappsec | drone_owaspzap | drone_owaspzap | 0 | 10/14/2013 3:32 AM | 1/1/0001 12:00 AM | ||
wschiang | owaspdc_proj | This repo is for testing OWASP DC | 0 | 11/14/2015 9:22 PM | 1/1/0001 12:00 AM | ||
andrewwmuller | OWASP-Testing-Guide | The OWASP Testing Guide provides practical guidance for conducting web application security tests | 0 | 7/22/2014 9:30 AM | 1/1/0001 12:00 AM | ||
thatcoderguy | OWASP-Faux-Bank-PHP | PHP version of OWASP Faux Bank | 0 | 7/10/2014 7:43 PM | 1/1/0001 12:00 AM | ||
markdenihan | LatamOwaspSecurityShepherd | LATAM CTF Build for OWASP Security Shepherd (Outdated) | 0 | 5/21/2015 1:43 PM | 1/1/0001 12:00 AM | ||
ronaldbao | OWASP-CSRFGuard-3 | New OWASP CSRFGuard 3.1. | 0 | 1/21/2015 11:13 PM | 1/1/0001 12:00 AM | ||
OWASP-Kerala | OWASP-Top-10-Malayalam | Translation of OWASP Top 10 to Malayalam | 0 | 3/15/2015 1:31 PM | 1/1/0001 12:00 AM | ||
java4professionals | java4Pro-owasp | Java4Professionals OWASP Top 10 Real Life Samples | 0 | 3/22/2014 7:34 PM | 1/1/0001 12:00 AM | ||
PVDTechEvents | owasp_ri_scraper | Scrape currently scheduled OWASP RI event from OWASP.org for PVDTechEvents.com | 1 | 2/4/2014 2:50 AM | 1/1/0001 12:00 AM | ||
cmlh | OWASP-Top-Ten-2013 | Comparison of 2013, 2010, 2007, 2004 and 2003 OWASP Top Ten Releases | 0 | 1/23/2014 8:24 AM | 1/1/0001 12:00 AM | ||
erikbrannstrom | owasp-top10-demo | Simple demo of common web application vulnerabilities. Based on the OWASP Top 10. | 0 | 10/6/2013 10:59 AM | 1/1/0001 12:00 AM | ||
fcerullo | OWASP-Swingset-Interactive | 0 | 1/8/2013 8:57 AM | 1/1/0001 12:00 AM | |||
Omegaphora | external_owasp_sanitizer | 0 | 5/31/2015 1:11 PM | 1/1/0001 12:00 AM | |||
sirkkalap | owasp-top-10-2013 | Slideset for OWASP top 10 presentation | 0 | 10/22/2015 12:32 PM | 1/1/0001 12:00 AM | ||
Noko19 | owasp-python-static-analysis | Automatically exported from code.google.com/p/owasp-python-static-analysis | 0 | 2/16/2016 8:10 PM | 1/1/0001 12:00 AM | ||
geekboxzone | lollipop_external_owasp_sanitizer | 0 | 11/29/2015 1:49 PM | 1/1/0001 12:00 AM | |||
kattakum | OWASP-WebScarab | 0 | 12/12/2015 5:10 AM | 1/1/0001 12:00 AM | |||
geekboxzone | mmallow_external_owasp_sanitizer | 0 | 1/11/2016 7:33 PM | 1/1/0001 12:00 AM | |||
krvw | OWASP-iGoat | Home of the OWASP iGoat project. | 0 | 3/10/2016 2:37 PM | 1/1/0001 12:00 AM | ||
AdrianCitu | docker-owasp-skf | docker file for the OWASP Security Knowledge Framework | 0 | 5/5/2016 5:23 PM | 1/1/0001 12:00 AM | ||
Schrank | fail-owasp-top10-20120 | #fail - how not to do it (PHP) | 0 | 10/20/2013 2:36 PM | 1/1/0001 12:00 AM | ||
thatcoderguy | OWASP-Faux-Bank-DotNet | .Net version of OWASP Faux Bank | 0 | 7/10/2014 7:42 PM | 1/1/0001 12:00 AM | ||
zsahi | OWASP-GoatDroid-Project-master | 0 | 4/3/2015 9:37 AM | 1/1/0001 12:00 AM | |||
jeg1972 | owasp-threat-dragon-aws-deploy | Ansible Playbook to install all pre-requisites and the latest version of the OWASP Threat Dragon on an AWS EC2 instance | 0 | 5/1/2016 7:28 AM | 1/1/0001 12:00 AM | ||
suvroc | WebAPI-OWASP-App-Sensor | Library for intrusion detection and automated response into WebAPI applications | 0 | 3/15/2016 2:38 PM | 1/1/0001 12:00 AM | ||
SunSeaAndPalms | lab_owasp_dep_check_mvn | This project builds dependent artifcats known security vulnerabilities report using the OWASP dependency check maven plugin. | 0 | 6/1/2015 4:20 PM | 1/1/0001 12:00 AM | ||
gfoss | SnowFROC_2013_CTF | OWASP - SnowFROC 2013 Capture The Flag | 0 | 10/21/2014 4:35 PM | 1/1/0001 12:00 AM | ||
elspood | periodictable.github.com | OWASP Periodic Table | 0 | 11/20/2013 7:25 AM | 1/1/0001 12:00 AM | ||
ezedemo | ezedemo.github.io | OWASP csrf html | 0 | 6/11/2015 1:18 AM | 1/1/0001 12:00 AM | ||
pinniq | pentest | owasp penetration test tool | 0 | 9/15/2015 6:50 AM | 1/1/0001 12:00 AM | ||
satish28 | Workshop | OWASP top 10 Workshop | 0 | 12/15/2015 2:16 AM | 1/1/0001 12:00 AM | ||
tracer0tong | buzzboard | Model application with user activity ML filter for OWASP Night Tokyo 2016 | 0 | 3/14/2016 12:47 AM | 1/1/0001 12:00 AM | ||
danielsomerfield | turtles | Repo for sharing documents related to the OWASP "Turtles All the Way Down" presentation | 0 | 2/26/2016 2:51 AM | 1/1/0001 12:00 AM | ||
sergioms | xss_esapi | XSS Proof of concept and fix using OWASP ESAPI | 0 | 3/24/2016 4:09 PM | 1/1/0001 12:00 AM | ||
Grunny | zap-cli | A simple tool for interacting with OWASP ZAP from the commandline. | 3 | 4/28/2016 8:05 AM | 1/1/0001 12:00 AM | ||
Kembolle | Documentos | Documentos Chapter OWASP | 0 | 1/28/2014 2:18 AM | 1/1/0001 12:00 AM | ||
bl4de | php-esapi | OWASP PHP ESAPI library | 0 | 11/19/2014 8:52 AM | 1/1/0001 12:00 AM | ||
cathaldcronin1 | OWSAP-Info-App | Information Application for OWASP | 0 | 4/17/2015 1:30 PM | 1/1/0001 12:00 AM | ||
ludovicRoucoux | zaproxy-plugin | It's a Jenkins plugin that allows to start and execute the OWASP ZAP security tool. | 1 | 4/13/2015 1:04 PM | 1/1/0001 12:00 AM | ||
shariharper | demo | quarterly demo of OWASP | 0 | 10/12/2015 3:32 PM | 1/1/0001 12:00 AM | ||
shariharper | demo_app | quarterly demo of OWASP | 0 | 10/12/2015 5:56 PM | 1/1/0001 12:00 AM | ||
Kembolle | biblioteca | Documentações OWASP Chapter Cuiabá | 0 | 11/1/2015 6:32 PM | 1/1/0001 12:00 AM | ||
niklasnordlund | php-xss-filter | Five functions for OWASP's five rules of XSS prevention | 0 | 3/11/2016 9:49 PM | 1/1/0001 12:00 AM | ||
zaproxy | zaproxy.github.io | OWASP ZAP Website | 0 | 3/30/2016 2:25 PM | 1/1/0001 12:00 AM | ||
bradchesney79 | PHP-OWASP-ESAPI-Canonicalization-Demo | Built a login that uses the PHP ESAPI library specifically utilizing the Canonicalization feature. | 0 | 11/19/2014 8:54 AM | 1/1/0001 12:00 AM | ||
android-desktop | android_platform_external_owasp_sanitizer | 0 | 10/8/2015 9:57 AM | 1/1/0001 12:00 AM | |||
SiGhTfOrbACQ | Security-Principles | OWASP Security Principles | 0 | 1/10/2014 12:15 PM | 1/1/0001 12:00 AM | ||
wzllai | esapi-psr | OWASP PSR version | 0 | 1/9/2015 10:32 AM | 1/1/0001 12:00 AM | ||
bowserjklol | ZAPScripts | OWASP ZAP Scripts | 0 | 1/11/2016 4:37 AM | 1/1/0001 12:00 AM | ||
RobinLinus | websecurity-quiz | Test your Web Security knowledge with OWASP exam questions. | 0 | 5/20/2016 9:05 AM | 1/1/0001 12:00 AM | ||
thatcoderguy | OWASP-Faux-Bank-NodeJs | Node.js version of Faux Bank | 0 | 9/9/2014 3:54 PM | 1/1/0001 12:00 AM | ||
Prowlx | Category-OWASP_WebScarab_Project- |
http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project |
0 | 8/15/2014 3:14 PM | 1/1/0001 12:00 AM | ||
SleepyTonic | antisamy-sandbox | Tinkering with OWASP AntiSamy | 0 | 11/15/2014 5:09 AM | 1/1/0001 12:00 AM | ||
gddisney | mantra-os | OWASP Mantra-OS | 0 | 7/16/2015 12:03 AM | 1/1/0001 12:00 AM | ||
Jacobeom | security-presentation | OWASP TOP10 Samples | 0 | 10/11/2015 4:04 PM | 1/1/0001 12:00 AM | ||
vijiniyw | SecurityShepherd | OWASP Security Shepherd | 1 | 2/2/2016 3:24 PM | 1/1/0001 12:00 AM | ||
kravietz | play-esapi | Integrating OWASP ESAPI into Play Framework | 0 | 6/10/2015 11:48 AM | 1/1/0001 12:00 AM | ||
zaproxy | zap-api-go | OWASP ZAP Go API | 0 | 5/23/2016 1:30 PM | 1/1/0001 12:00 AM | ||
hacktics | good-old-files | An OWASP ZAP extension that enhances the detection of obsolete and hidden files | 1 | 12/10/2014 3:30 PM | 1/1/0001 12:00 AM | ||
born2snipe | antisamy-filter | A Java filter using the OWASP AntiSamy API to help prevent XSS vulnerabilities | 0 | 5/29/2014 1:28 PM | 1/1/0001 12:00 AM | ||
stian-fredrikstad | AppSec2014 | Presentasjon etter OWASP AppSec 2014 | 0 | 6/30/2014 10:10 PM | 1/1/0001 12:00 AM | ||
olesyak655 | 11142375_1 | OWASP_TOP_10_Information_Application | 0 | 3/23/2015 8:53 PM | 1/1/0001 12:00 AM | ||
jonsth131 | Securitytesting | Automated security testing with Selenium and OWASP ZAP | 0 | 2/22/2016 5:55 PM | 1/1/0001 12:00 AM | ||
citizen-stig | dockerowaspbricks | Docker container for OWASP Bricks | 0 | 4/3/2016 9:46 PM | 1/1/0001 12:00 AM | ||
Ariflo | redditAngularClone | OWASP standards exercise using Angular | 0 | 3/11/2016 8:52 PM | 1/1/0001 12:00 AM | ||
Carcarius | git-github.com-mjmajor-OWASP-CTF | 0 | 1/13/2013 1:49 PM | 1/1/0001 12:00 AM | |||
DhirajOnGitHub | OWASP-KALP-Mobile-Project-iOS-App | OWASP KALP Mobile Project is an iOS application developed for users to view OWASP Top 10 (WEB and MOBILE) on mobile device. | 0 | 6/20/2015 8:21 AM | 1/1/0001 12:00 AM | ||
dkd903 | CSEC-Project | OWASP Global 2013 Vulnerabilities - Testbed | 0 | 5/6/2014 10:49 PM | 1/1/0001 12:00 AM | ||
florent-fauvin | dependency-track-plugin | A Dependency-Track Plugin (OWASP) | 0 | 7/28/2015 1:28 PM | 1/1/0001 12:00 AM | ||
dibsy | JSEC_CVE_DETAILS | OWASP JSEC CVE DETAILS is an opensource application developed in Java that uses the api provided by cvedetails.com to receive latest CVE updates. | 0 | 1/26/2016 1:29 AM | 1/1/0001 12:00 AM | ||
greyshell | WebSecurity | OWASP Top 10: self learning | 0 | 4/20/2016 9:24 PM | 1/1/0001 12:00 AM | ||
Hung-NguyenTang | helloo | Vietnamese OWASP testing guide 4 | 0 | 3/9/2013 3:43 AM | 1/1/0001 12:00 AM | ||
lightsey | zap-extension-betterfuzz | Reworking of OWASP's ZAP Fuzz extension | 1 | 11/17/2014 8:37 AM | 1/1/0001 12:00 AM | ||
recompiler | Uniform-Reporting-Guidelines | Reporting Gudelines. See OWASP Project. | 0 | 12/2/2014 12:25 AM | 1/1/0001 12:00 AM | ||
henrybv | defense-against-dark-arts | web-security, OWASP Top-10 | 0 | 4/6/2016 9:19 PM | 1/1/0001 12:00 AM | ||
extremeiro | https---github.com-ebranca-owasp-pysec | 0 | 1/17/2015 2:38 PM | 1/1/0001 12:00 AM | |||
OWASP-Kerala | OWASP-Testing-Guide-V4-Malayalam | 0 | 3/17/2015 9:48 AM | 1/1/0001 12:00 AM | |||
jeancarlosdanese | owasp-password-strength-test-pt-BR | 0 | 4/26/2016 6:40 PM | 1/1/0001 12:00 AM | |||
TeamMentor | TM_3.2_with_OWASP_Library | TM_3.2_with_OWASP_Library | 0 | 10/10/2013 2:16 AM | 1/1/0001 12:00 AM | ||
yukisov | php-owasp-zap-v2.4 | PHP client API for OWASP ZAP 2.4.x (DEPRECATED) | 0 | 5/31/2015 3:08 PM | 1/1/0001 12:00 AM | ||
yukisov | php-owasp-zap-v2-wrapper | Wrapper library for zaproxy/php-owasp-zap-v2. | 0 | 10/21/2014 9:14 AM | 1/1/0001 12:00 AM | ||
donwpeterson | https-github.com-OWASP-WebGoat.NET | 0 | 3/26/2015 6:00 AM | 1/1/0001 12:00 AM | |||
MavenSecurityConsulting | OWASP-DE-HTTP-Header-injection-demo | OWASP DE HTTP Header injection demo | 0 | 1/26/2016 4:14 PM | 1/1/0001 12:00 AM | ||
duongkai | owaspvn-2013-demo | OWASP VN 2013 Presentation demo - Why Random Matters | 0 | 12/20/2013 4:48 AM | 1/1/0001 12:00 AM | ||
frohoff | owaspsd-deserialize-my-shorts | 0 | 3/21/2016 8:08 PM | 1/1/0001 12:00 AM | |||
sla-mobile | evidences | Example codebase from OWASP workshop. | 0 | 4/17/2013 9:39 PM | 1/1/0001 12:00 AM | ||
hacktics | deja-vu | An OWASP ZAP extension that compares the current page content to "revived" content from caching repositories | 0 | 11/17/2014 8:35 AM | 1/1/0001 12:00 AM | ||
sammyrulez | wasp-vs-pony | owasp top 10 Django cheatsht | 0 | 2/28/2014 1:55 PM | 1/1/0001 12:00 AM | ||
TheoKlein | WebGoat-Solution | OWASP WebGoat Project Personal Solution | 0 | 3/18/2016 3:50 PM | 1/1/0001 12:00 AM | ||
gcroteau | pluralsight-OWASP-top10-for-asp.net | Pluralsight exercies for the "OWASP Top 10 Web Application Security Risks for ASP.NET" course. | 0 | 2/3/2016 4:58 PM | 1/1/0001 12:00 AM | ||
avinashwable | MyWebgoat | OWASP's WebGoat for customization and learning | 0 | 5/14/2014 7:08 AM | 1/1/0001 12:00 AM | ||
rietta | apache-modsecurity-for-rails | Internal mod security for Rails, filters and such built on the OWASP list. | 0 | 7/2/2015 12:19 AM | 1/1/0001 12:00 AM | ||
jtsay362 | csrfguard | Mavenized version of OWASP CSRF Guard | 0 | 11/22/2013 4:36 PM | 1/1/0001 12:00 AM | ||
damonmiller | cfesapi | OWASP ESAPI for ColdFusion/CFML Project | 0 | 10/3/2013 8:18 PM | 1/1/0001 12:00 AM | ||
jaypoc | ocsrf | PHP Class implementing OWasp's CSRF code | 0 | 5/6/2014 8:39 PM | 1/1/0001 12:00 AM | ||
asrulhadi | wap | OWASP WAP - Web Application Protection Project | 0 | 4/7/2016 9:19 AM | 1/1/0001 12:00 AM | ||
za | appsecseries-srt | The OWASP AppSec Series Video Subtitle | 0 | 10/17/2013 11:44 PM | 1/1/0001 12:00 AM | ||
washu | antisamy-ruby | Anti-Samy implmentation for Ruby. This package is a port of the existing anti-samy project found on the OWASP site. | 0 | 10/30/2013 3:52 PM | 1/1/0001 12:00 AM | ||
creationmachine | warlord | Security guide for Java/Ruby OWASP standards. | 0 | 3/31/2015 4:57 PM | 1/1/0001 12:00 AM | ||
delta24 | owtf-healthmon | An experimental health monitor for OWASP OWTF | 0 | 3/4/2015 5:00 PM | 1/1/0001 12:00 AM | ||
armkat | easy-sanitize | Owasp Sanitizer Helper for Spring MVC | 0 | 1/18/2016 7:42 PM | 1/1/0001 12:00 AM | ||
portantier | pyzap | OWASP ZAP API Client (Python 3) | 0 | 3/31/2016 7:12 PM | 1/1/0001 12:00 AM | ||
riramar | pubkey-pin-android | Just another example for Android Public Key Pinning (based on OWASP example) | 0 | 5/12/2016 10:46 AM | 1/1/0001 12:00 AM | ||
7a | owtf_releases | OWASP OWTF Release repository: All OWASP OWTF releases can be found here | 0 | 4/1/2016 3:51 PM | 1/1/0001 12:00 AM | ||
bendodd | zaproxy-cookbook | Installs the OWASP Zed Attack Proxy (ZAP) | 0 | 9/25/2014 4:40 PM | 1/1/0001 12:00 AM | ||
tom-takahashi | ModSecurity | https://github.com/SpiderLabs/owasp-modsecurity-crs | 0 | 3/25/2014 7:11 AM | 1/1/0001 12:00 AM | ||
Nalanae | zaproxy-dotnet | .NET client for OWASP ZAP's API. | 0 | 7/29/2015 7:29 AM | 1/1/0001 12:00 AM | ||
OWASP-SKF | docker-skf | Docker file for OWASP Security Knowledge Framework | 0 | 6/23/2015 10:44 PM | 1/1/0001 12:00 AM | ||
opt9 | NodeRailsGoat | OWASP NodeGoat & RailsGoat hands-on training box | 0 | 4/30/2015 1:47 PM | 1/1/0001 12:00 AM | ||
pld-linux | apache-mod_security_crs | OWASP ModSecurity Core Rule Set (CRS) | 0 | 1/26/2014 6:49 AM | 1/1/0001 12:00 AM | ||
kozmic | presentation-mobile-security-introduction | Introduction to Mobile Security. Presentation based on drafted version of OWASP Top 10 Mobile. | 0 | 1/19/2016 6:46 AM | 1/1/0001 12:00 AM | ||
zaproxy | zap-swag | Artwork for all official OWASP ZAP swag - posters, stickers, t-shirts etc | 0 | 3/8/2016 3:03 AM | 1/1/0001 12:00 AM | ||
jonsth131 | NZap | .Net API client for OWASP Zap | 0 | 2/17/2016 8:35 PM | 1/1/0001 12:00 AM | ||
c-a-m | passfault-docker | Docker image base for OWASP passfault | 0 | 3/19/2016 6:23 PM | 1/1/0001 12:00 AM | ||
PCMall | stinger | PCM fork of the OWASP Stinger Project. https://www.owasp.org/index.php/Stinger | 0 | 11/12/2013 5:22 AM | 1/1/0001 12:00 AM | ||
sam-hobbs | whitelisting-tools-for-modsecurity | Whitelisting Tools for Apache ModSecurity and OWASP CRS. Not affiliated with the Apache, ModSecurity, or OWASP. | 0 | 7/6/2015 4:25 PM | 1/1/0001 12:00 AM | ||
tuanpm142 | https---github.com-SpiderLabs-owasp-modsecurity-crs-find-master | https://github.com/SpiderLabs/owasp-modsecurity-crs/find/master | 0 | 1/27/2015 4:42 AM | 1/1/0001 12:00 AM | ||
antonis | AppSecEu.2012.iOS | Provides info on the OWASP AppSec Research 2012 conference | 0 | 10/4/2013 7:06 PM | 1/1/0001 12:00 AM | ||
remyw | ESAPI-PHP | An unofficial clone of OWASP's ESAPI PHP project. | 0 | 4/23/2014 2:24 PM | 1/1/0001 12:00 AM | ||
tunnelshade | owtf-proxy | An inbound proxy module for OWASP OWTF as a part of Google Summer of Code 2013 | 0 | 1/14/2014 8:47 PM | 1/1/0001 12:00 AM | ||
bairob767 | Security-Test-ZedAttackProxi-Mutillidae2 | Pentesting: web app vulnerabilities (OWASP Zed Attack Proxy) | 0 | 4/5/2015 12:57 AM | 1/1/0001 12:00 AM | ||
Borealix | AppSensor2.NET | OWASP App Sensor 2.0 port for .NET (C#) platform | 0 | 7/1/2014 8:46 PM | 1/1/0001 12:00 AM | ||
arthepsy | zaproxy_ssl | SSL termination plugin for OWASP Zed Attack (ZAP) | 0 | 10/28/2015 6:15 PM | 1/1/0001 12:00 AM | ||
Stito-Bahja | upload | Automatically exported from code.google.com/p/owasp-esapi-php | 19 | 1/29/2016 4:27 PM | 1/1/0001 12:00 AM | ||
SecureTDD | VisualStudio | OWASP Secure TDD tool for Visual Studio 2013 | 0 | 4/26/2016 10:32 AM | 1/1/0001 12:00 AM | ||
Owasp-Indy | Open-Spider-Interchange-Format-Specification | Indianapolis OWASP Chapter Open Spider Interchange Format Specification | 0 | 12/31/2014 3:32 AM | 1/1/0001 12:00 AM | ||
Varyagovich | key_storage | second site for my OWASP Top-10 vulnerable project | 0 | 7/12/2015 10:54 AM | 1/1/0001 12:00 AM | ||
sims143 | elk-stack-documentation-screenshots | These screenshots are use in OWASP Appsensor elk-stack-documentation. | 0 | 3/26/2016 8:28 AM | 1/1/0001 12:00 AM | ||
djihuangweiping | phptest | Automatically exported from code.google.com/p/owasp-esapi-php | 4 | 3/21/2016 4:20 AM | 1/1/0001 12:00 AM | ||
Alex-Wauters | threat-modeling-example | Threat Modeling example made with OWASP Threat Dragon | 0 | 5/27/2016 11:12 AM | 1/1/0001 12:00 AM | ||
brightinteractive | html-sanitizer-poc | Proof of concept for OWASP HTML Sanitizer for XSS prevention - https://code.google.com/p/owasp-java-html-sanitizer/ | 0 | 9/29/2013 7:54 PM | 1/1/0001 12:00 AM | ||
antonis | AppSecEu.2012.Android | Provides info on the OWASP AppSec Research 2012 conference | 0 | 2/17/2014 10:01 PM | 1/1/0001 12:00 AM | ||
ihr | esapi-c14n | OWASP ESAPI module containing only canonicalization (c14n) logic | 0 | 1/15/2014 3:47 PM | 1/1/0001 12:00 AM | ||
n3ro | SecDummy | Project for testing sec vulnerabilities according to OWASP | 0 | 10/20/2013 12:20 PM | 1/1/0001 12:00 AM | ||
kaushik1091 | secure_website | Attempt to create a secure website considering OWASP standards | 0 | 2/21/2014 2:00 AM | 1/1/0001 12:00 AM | ||
Neeke | ESAPI-PHPExt | PHP-Ext with ESAPI (OWASP Enterprise Security API) | 0 | 6/17/2014 3:08 PM | 1/1/0001 12:00 AM | ||
Armenia | XSS-CSP-Presentation | XSS/CSP Presentation materials for OWASP meeting held in Armenia 25.04.2014 | 0 | 4/26/2014 6:58 PM | 1/1/0001 12:00 AM | ||
reyjmc03 | opc_theme | Drupal web template theme for Owasp Web Appsec Conference 2016 | 0 | 11/25/2015 12:11 AM | 1/1/0001 12:00 AM | ||
xpn | HTTP-Post-DOS-Tool | A tool created to help test the HTTP POST vulnerability posted by OWASP | 0 | 2/25/2016 8:18 PM | 1/1/0001 12:00 AM | ||
daedafusion | security-framework | Pluggable security framework "inspired" by the OWASP ESAPI framework | 0 | 2/25/2016 9:06 PM | 1/1/0001 12:00 AM | ||
prnawa | grunt-zaproxy | Grunt task for the OWASP Zed Attack Proxy (ZAP) | 0 | 10/31/2014 8:13 AM | 1/1/0001 12:00 AM | ||
solita | powershell-zap | PowerShell module for using OWASP-ZAP from PowerShell | 0 | 11/27/2015 12:13 PM | 1/1/0001 12:00 AM | ||
neelaryan | mutillidae | OWASP Mutillidae II Web Pen-Test Practice Application | 0 | 2/3/2016 12:31 PM | 1/1/0001 12:00 AM | ||
raesene | railsgoat | A Docker Automated Build for the OWASP RailsGoat project. | 0 | 3/25/2016 7:07 PM | 1/1/0001 12:00 AM | ||
bl4de | hardening-php-apps-with-phpids-and-phpesapi | Przykładowa aplikacja impementująca biblioteki OWASP PHP ESAPI oraz PHPIDS - przykład do artykułu "Hardening aplikacji PHP z wykorzystaniem OWASP PHP ESAPI i PHPIDS" | 0 | 6/30/2014 7:22 PM | 1/1/0001 12:00 AM | ||
anandshah123 | hack-it-sample | The sample banking app project for hacking competition held at Rishabh Software. Hands on experience for hacking https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project | 0 | 3/8/2016 1:17 AM | 1/1/0001 12:00 AM | ||
gdisneyleugers | certstealer-mitmtool | OWASP CertStealer Man in the Middle Tool (Test the spoofed cert) | 0 | 2/13/2014 8:15 AM | 1/1/0001 12:00 AM | ||
haruyama | wapt-ja | an unofficial Japanese translation of https://www.owasp.org/index.php/Web_Application_Penetration_Testing | 0 | 3/3/2014 9:05 AM | 1/1/0001 12:00 AM | ||
demboperu | XSS-security-poc | this project is framework basic that use OWASP security for XSS | 0 | 10/30/2014 3:32 PM | 1/1/0001 12:00 AM | ||
caillou | Security-Sandbox | The Security Sandbox is an unsecure twitter clone. It's trying to break every possible security rule and is meant for presentations about the OWASP Top 10. | 0 | 10/30/2013 8:22 PM | 1/1/0001 12:00 AM | ||
gmaran23 | HtmlReportThroughZapAPIs | workaround scripts to enable html report formatting with the OWASP ZAP APIs | 0 | 1/13/2015 3:47 PM | 1/1/0001 12:00 AM | ||
mebjas | vagrant-pyd | vagrant-py daemon - programatically manage your virtual machines with VAGRANT, meant for OWASP hackademic project | 0 | 10/12/2015 12:56 PM | 1/1/0001 12:00 AM | ||
colezlaw | GrokAssembly | Mono/.NET Project to get information about an assembly. Primarily for OWASP Dependency Check | 1 | 6/24/2014 12:59 PM | 1/1/0001 12:00 AM | ||
reznov11 | web-vulns | This will contain tools for top vulns have been classified by OWASP. | 0 | 8/10/2015 6:34 PM | 1/1/0001 12:00 AM | ||
ezraverheijen | escape | PHP class to handle context specific output escaping per OWASP recommendations. | 0 | 1/28/2015 11:26 PM | 1/1/0001 12:00 AM | ||
vijayvkvelu | igoat | iGoat ios Application vulnerable to OWASP Mobile Top 10 Attacks - Test cases for Developers & Analysts | 0 | 2/8/2016 2:19 PM | 1/1/0001 12:00 AM | ||
Harinus | ZAP-Selenium-Auth | A HTTP sender Script which adds Selenium Authentication to OWASP ZAP | 0 | 1/20/2016 2:22 PM | 1/1/0001 12:00 AM | ||
sardpost | sardpost.modsecurity | Ansible role for installing Modsecurity and configuring OWASP CRS on RHEL/Centos 7 | 0 | 4/2/2016 2:57 PM | 1/1/0001 12:00 AM | ||
bertjan | zap-cmdline | Simple command line interface for automated security scanning with OWASP ZAP. | 0 | 3/31/2016 1:56 PM | 1/1/0001 12:00 AM | ||
brettacarr | struts2-esapi | Code example of how to secure struts2 against OWASP top 10 security holes | 0 | 10/2/2013 10:05 AM | 1/1/0001 12:00 AM | ||
zsmahi | WS-Amplification | Tool to explore the WS-Amplification DoS threat. Part of the OWASP WS-Amplification DoS Project. | 0 | 4/1/2015 10:48 AM | 1/1/0001 12:00 AM | ||
mdaniel | zapdump | A utility to export OWASP ZAP databases as Scrapy filesystem cache directories | 0 | 1/8/2015 6:19 AM | 1/1/0001 12:00 AM | ||
ajinabraham | Xenotix-Mobile | A mini version of OWASP Xenotix XSS Exploit Framework for Android device with the capability to detect XSS in GET and POST Request. | 0 | 8/23/2015 8:16 AM | 1/1/0001 12:00 AM | ||
theappseclab | http2-getstarted | Repo for a talk given at null/OWASP/G4H Bangalore Monthly Meet March 2015 | 0 | 4/8/2015 5:30 AM | 1/1/0001 12:00 AM | ||
Treggats | asvs-generate-json | Create a json representation of the excel version of the ASVS by OWASP | 0 | 11/9/2015 10:28 PM | 1/1/0001 12:00 AM | ||
xgirma | zaptest | Using Protractor and OWASP ZAP to complete the bodgeit security challenges. | 0 | 11/26/2015 7:09 PM | 1/1/0001 12:00 AM | ||
aseciwa | railsgoat_install_script | This is a shell script that installs OWASP's railsgoat on Kali Linux machine. | 0 | 12/5/2015 8:19 PM | 1/1/0001 12:00 AM | ||
jhermann | dependency-check-py | Shim to easily install OWASP dependency-check-cli into Python projects | 1 | 11/11/2015 12:59 PM | 1/1/0001 12:00 AM | ||
armahell2252 | GSoC_Scripts | The Scripts and documents used in Google Summer of Code for OWASP OWTF. | 0 | 8/3/2014 6:17 AM | 1/1/0001 12:00 AM | ||
allankim | DogGone | Port of OWASP AntiSAMY and NekoHTML built against com.sun.xerces.* classes | 0 | 12/15/2012 4:35 AM | 1/1/0001 12:00 AM | ||
astrotool | eStore | A simple e-commerce site with cart and checkout. Created in accordance to OWASP 10. | 0 | 12/19/2013 5:34 AM | 1/1/0001 12:00 AM | ||
banescusebi | pett | Privacy Escalation Testing Tool (PETT) developed as a beanshell script for OWASP WebScarab | 0 | 10/20/2013 9:49 AM | 1/1/0001 12:00 AM | ||
mordecai | BasicCTF | A rather basic (intentionally) vulnerable Web application written in PHP, part of the OWASP Vicnum Project | 0 | 5/23/2016 12:17 AM | 1/1/0001 12:00 AM | ||
honoki | CSRFBlock | A PHP adaptation of OWASP's CSRFGuard that starts from a whitelist approach to protect websites against CSRF attacks. | 0 | 3/29/2014 12:51 AM | 1/1/0001 12:00 AM | ||
convisoappsec | swingset-dotnet | The ESAPI Swingset .Net is a port of ESAPI Swingset (http://www.owasp.org/index.php/ESAPI_Swingset) a web application which demonstrates the many uses of the Enterprise Security API (ESAPI). | 0 | 10/6/2013 10:50 PM | 1/1/0001 12:00 AM | ||
MarcL | dependency-check-test | Basic Node.js project to determine the validity of OWASP dependency-check results on Node.js projects | 0 | 5/4/2016 2:30 PM | 1/1/0001 12:00 AM | ||
britta-nz | blindsided-by-security | Code used in the OWASP Day 2012 talk on the reality of web security for the visually impaired | 0 | 3/4/2014 1:13 AM | 1/1/0001 12:00 AM |