This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Project Inventory"
Hblankenship (talk | contribs) (Added redirect) |
|||
(185 intermediate revisions by 11 users not shown) | |||
Line 1: | Line 1: | ||
+ | #REDIRECT[[OWASP_Project]] | ||
+ | |||
__NOTOC__ | __NOTOC__ | ||
{| | {| | ||
Line 10: | Line 12: | ||
|} | |} | ||
+ | = Quick Guides to OWASP Projects = | ||
+ | |||
+ | [[File:Owasp Dev Guide-2.png | 800px | left ]] | ||
= Incubator Projects = | = Incubator Projects = | ||
Line 19: | Line 24: | ||
| style="width: 95%; color: rgb(0, 0, 0);" | | | style="width: 95%; color: rgb(0, 0, 0);" | | ||
<font size=2pt> | <font size=2pt> | ||
− | + | [[File:Incubator_banner.jpg]] | |
OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity. The label also allows project leaders to leverage the OWASP name while their project is still maturing. | OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity. The label also allows project leaders to leverage the OWASP name while their project is still maturing. | ||
+ | ===Thumbs up=== | ||
+ | Thumbs up are given to incubator projects showing a steady progress in their development, had continuous releases and commits or have delivered a complete product, including open source repository location, basic user guidelines and documentation | ||
+ | |||
+ | |||
+ | ====Code [Reviewed March 2015]==== | ||
+ | * [[OWASP_Java_Encoder_Project|OWASP Java Encoder Project]] [[File:Thumbsup.png|15px]] | ||
+ | * [[OWASP_Java_File_I_O_Security_Project|OWASP Java File I/O Security Project]] | ||
+ | * [[OWASP_PHP_Security_Project|OWASP PHP Security Project]] | ||
+ | * [[OWASP_Node_js_Goat_Project|OWASP Node.js Goat Project]] [[File:Thumbsup.png|15px]] | ||
+ | * [[OWASP_File_Format_Validation_Project|OWASP File Format Validation Project]] | ||
+ | * [[OWASP_Security_Logging_Project|OWASP Security Logging Project]] | ||
+ | |||
+ | =====Code: Low Activity===== | ||
+ | |||
+ | * [[OWASP_PHPRBAC_Project|OWASP PHPRBAC Project]] | ||
+ | |||
+ | ====Research==== | ||
+ | * [[OWASP_WASC_Distributed_Web_Honeypots_Project|OWASP WASC Distributed Web Honeypots Project]] | ||
+ | * [[OWASP_Security_Research_and_Development_Framework|OWASP Security Research and Development Framework]] | ||
− | + | ====Tools [Reviewed last: May 2015]==== | |
− | * [ | + | * [[OWASP_Wordpress_Vulnerability_Scanner_Project | OWASP Wordpress Vulnerability Scanner]] |
− | * [ | + | * [[OWASP_Threat_Dragon | OWASP Threat Dragon]] |
− | * [ | + | * [[OWASP_Security_Knowledge_Framework#tab=Main | Security Knowledge Framework]] |
− | * [https://www.owasp.org/index.php/ | + | * [[OWASP_Faux_Bank_Project|OWASP Faux Bank Project]] |
− | * [ | + | * [[OWASP_Droid10_Project|OWASP Droid]] |
− | * [ | + | * [https://www.owasp.org/index.php/Category:OWASP_Wapiti_Project OWASP Wapiti Project] |
− | * [ | + | *[[Benchmark|OWASP WebGoat Benchmark]] |
− | * [ | + | *[[OWASP_WAP-Web_Application_Protection|WAP Web Application_Protection]] |
− | * [ | + | *[[OWASP_Java_HTML_Sanitizer|OWASP Java HTML Sanitizer Project]] [[File:Thumbsup.png|15px]] |
− | * [ | + | *[[OWASP_Mantra_OS|OWASP Mantra OS]] |
− | * [ | + | *[[OWASP_iGoat_Project|OWASP iGoat Project]] |
− | * [ | + | *[[OWASP_Bricks|OWASP Bricks]] |
− | * [ | + | *[[OWASP_Bywaf_Project|OWASP Bywaf Project]] |
− | * [ | + | *[[OWASP_Mutillidae_2_Project|OWASP Mutillidae 2 Project]] |
− | * [ | + | *[[OWASP_SeraphimDroid_Project|OWASP SeraphimDroid Project]] |
− | * [ | + | *[[OWASP_WebSpa_Project|OWASP WebSpa Project]] |
− | * [ | + | *[[OWASP_NINJA_PingU_Project|OWASP NINJA PingU Project]] |
− | * [ | + | *[[OWASP_Encoder_Comparison_Reference_Project|OWASP Encoder Comparison Reference Project]] |
− | * [ | + | *[[:Category:OWASP_SQLiX_Project|OWASP sqliX Project]] |
− | * [ | + | *[[OWASP_Secure_TDD_Project|OWASP Secure TDD Project]] |
− | * [ | + | *[[OWASP_XSecurity_Project|OWASP XSecurity Project]] |
− | * [ | + | *[[OWASP_Pyttacker_Project|OWASP Pyttacker Project]] |
− | * [ | + | *[[OWASP_HTTP_Post_Tool|OWASP HTTP POST Tool]] |
+ | *[[Projects/OWASP_iOSForensic|OWASP iOSForensic]] | ||
+ | *[[OWASP Rainbow Maker Project | OWASP Rainbow Maker Project]] | ||
+ | *[[OWASP JSEC CVE Details | OWASP JSEC CVE Details]] | ||
+ | * [[:Category:OWASP_WebGoat.NET|OWASP WebGoat.NET]] | ||
+ | * [[OWASP_ASIDE_Project|OWASP ASIDE Project]] | ||
− | + | ====Documentation[Review: May 2015]==== | |
+ | *[[OWASP_Snakes_and_Ladders|OWASP Snakes and Ladders Project]] | ||
+ | *[[OWASP Automated Threats to Web Applications]] | ||
+ | *[[OWASP_Data_Exchange_Format_Project|OWASP Data Exchange Format Project]] | ||
+ | *[[OWASP_Enterprise_Application_Security_Project|OWASP Enterprise Application Security Project]] | ||
+ | *[[OWASP_Secure_Application_Design_Project|OWASP Secure Application Design Project]] | ||
+ | *[[OWASP_Top_10_Fuer_Entwickler_Project|OWASP Top 10 Fuer Entwickler Project]] | ||
+ | *[[OWASP_Vulnerable_Web_Applications_Directory_Project|OWASP Vulnerable Web Applications Directory Project]] | ||
+ | *[[OWASP_Reverse_Engineering_and_Code_Modification_Prevention_Project|OWASP Reverse Engineering and Code Modification Prevention Project]] | ||
+ | *[[:Category:OWASP_.NET_Project|OWASP .NET Project]] | ||
+ | *[[OWASP_WASC_Web_Hacking_Incidents_Database_Project|OWASP WASC Web Hacking Incidents Database Project]] | ||
+ | *[[OWASP_Security_Frameworks_Project|OWASP Security Frameworks Project]] | ||
+ | *[[OWASP_Incident_Response_Project|OWASP Incident Response Project]] | ||
+ | *[[OWASP_Periodic_Table_of_Vulnerabilities|OWASP Periodic Table of Vulnerabilities]] | ||
+ | *[[OWASP_Top_Trumps_for_Projects|OWASP Top Trumps for Projects]] | ||
+ | *[[OWASP KALP Mobile Project | OWASP KALP Mobile Project]] | ||
+ | *[[OWASP Persian Translation Project | OWASP Persian Translation Project]] | ||
+ | *[[OWASP_Application_Security_Program_Quick_Start_Guide_Project|OWASP_Application_Security_Program_Quick_Start_Guide_Project]] | ||
+ | *[[OWASP_Secure_Configuration_Guide|OWASP_Secure_Configuration_Guide]] | ||
+ | *[[OWASP_Knowledge_Based_Authentication_Performance_Metrics_Project|OWASP_Knowledge_Based_Authentication_Performance_Metrics_Project]] | ||
+ | *[[OWASP_RFP-Criteria|OWASP Request For Proposal]] | ||
+ | *[[OWASP_OWASP_Snakes_and_Ladders|OWASP Snakes and Ladders]] 1/22/16 | ||
− | + | ==Educational Initiatives== | |
− | * [ | + | *[[OWASP_Visual_Crime_Scene_and_Security_Incident_Education_Project#tab=Main | OWASP Visual Crime Scene and Security Incident Project]] |
− | + | *[[OWASP_Secure_Development_Training|OWASP Secure Development Training]] | |
− | + | *[[OWASP_Student_Chapters_Program|OWASP Student Chapters Project]] | |
− | * [ | + | *[[:Category:OWASP_Education_Project|OWASP Education Project]] |
− | + | *[[:Category:OWASP_Speakers_Project|OWASP Speakers Project]] | |
− | + | *[[OWASP_Global_Chapter_Meetings_Project|OWASP Global Chapter Meetings Project]] | |
− | * [ | + | *[[OWASP_Media_Project|OWASP Media Project]] |
− | + | *[[OWASP_Hacking_Lab|OWASP Hacking-Lab]] | |
− | + | *[[OWASP_PHP_Security_Training_Project|OWASP PHP Security Training Project]] | |
− | * [ | + | *[[OWASP_Online_Academy#tab=Main | OWASP Online Academy]] |
− | |||
− | |||
− | |||
− | * [ | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | * [ | ||
− | |||
− | |||
− | * [ | ||
− | |||
− | |||
− | * [ | ||
− | |||
− | |||
− | |||
− | * [ | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | * [ | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
</font> | </font> | ||
Line 189: | Line 138: | ||
<font size=2pt> | <font size=2pt> | ||
==Labs Projects== | ==Labs Projects== | ||
+ | |||
+ | [[File:Lab banner.jpg]] | ||
OWASP Labs projects represent projects that have produced a deliverable of value. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are at least ready for mainstream usage. | OWASP Labs projects represent projects that have produced a deliverable of value. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are at least ready for mainstream usage. | ||
+ | ===Thumbs up=== | ||
+ | Thumbs up are given to LAB projects showing a steady progress in their development, had very active and continuous releases and commits, regular update of information on their wiki page and have quite complete documentation. These projects are almost ready to become flagship | ||
− | + | ====Tools [Reviewed February 2015]==== | |
− | * [ | + | * [[O-Saft|O-Saft]] |
− | * [ | + | * [[OWASP_Dependency_Track_Project|OWASP Dependency Track Project]] |
− | * [https://www.owasp.org/index.php/Category: | + | * [[:Category:OWASP_EnDe|OWASP EnDe Project]] |
− | * [ | + | * [[OWASP_Hackademic_Challenges_Project|OWASP Hackademic Challenges Project]] |
− | * [ | + | * [[OWASP_Mantra_-_Security_Framework|OWASP Mantra Security Framework]] |
− | * [ | + | * [[OWASP_Mobile_Security_Project|OWASP Mobile Security Project]] |
− | * [ | + | * [[OWASP_O2_Platform|OWASP O2 Platform]] |
− | * [ | + | * [[OWASP_Passfault|OWASP Passfault]] |
− | * [ | + | * [https://www.owasp.org/index.php/Category:OWASP_Security_Ninjas_AppSec_Training_Program OWASP Security Ninjas Appsec Training] |
− | * [ | + | * [[OWASP_Security_Shepherd|OWASP Security Shepherd]] |
− | * [ | + | * [[:Category:OWASP WebGoat Project|OWASP WebGoat Project]] |
− | * [ | + | * [[OWASP_Xenotix_XSS_Exploit_Framework|OWASP Xenotix XSS Exploit Framework]] |
+ | * [[OWASP_iMAS_iOS_Mobile_Application_Security_Project|OWASP iMAS - iOS Mobile Application Security Project]] | ||
+ | *[[OWASP_Juice_Shop_Project|OWASP Juice Shop Project]][[File:Thumbsup.png|15px]] | ||
+ | |||
+ | ====Documentation [In Progress-Results by February/March 2015] ==== | ||
+ | |||
+ | * [[OWASP_Application_Security_Guide_For_CISOs_Project|OWASP Application Security Guide For CISOs]] | ||
+ | * [[Cheat_Sheets|OWASP Cheat Sheets Project]] [[File:Thumbsup.png|15px]] | ||
+ | * [[OWASP_CISO_Survey|OWASP CISO Survey]] | ||
+ | * [[:Category:OWASP_Code_Review_Project|OWASP Code Review Guide Project]] | ||
+ | * [[OWASP_Codes_of_Conduct|OWASP Codes of Conduct]] | ||
+ | * [[OWASP_Cornucopia|OWASP Cornucopia]] | ||
+ | * [[:Category:OWASP_Guide_Project|OWASP Development Guide Project]] | ||
+ | * [[OWASP_Podcast|OWASP Podcast Project]] | ||
+ | * [[OWASP_Proactive_Controls|OWASP Proactive Controls]] | ||
+ | * [[OWASP_Internet_of_Things_Top_Ten_Project|OWASP Internet of Things Top Ten Project]] | ||
+ | * [[OWASP_Top_10_Privacy_Risks_Project|OWASP Top 10 Privacy Risks Project]] | ||
+ | |||
+ | ====Contests==== | ||
+ | *[[OWASP_University_Challenge|OWASP University Challenge]] | ||
+ | * [[:Category:OWASP_CTF_Project|OWASP CTF Project]] | ||
+ | |||
+ | ====Code [Reviewed February 2015]==== | ||
+ | * [[:Category:OWASP_Enterprise_Security_API|OWASP Enterprise Security API]] | ||
+ | * [[OWASP_Python_Security_Project|OWASP Python Security Project]] | ||
+ | |||
+ | ======Low Activity (LABS)[Reviewed February 2015] ====== | ||
+ | [[File:low_activity.jpg]] | ||
+ | These projects had no releases in at least a year, however have shown to be valuable tools | ||
− | ''' | + | '''Code [Low Activity]''' |
− | * [ | + | * [[Project_Information:template_Vicnum_Project|OWASP Vicnum Project]] |
− | + | * [[OWASP_Broken_Web_Applications_Project|OWASP Broken Web Applications Project]] | |
− | * [ | + | * [[OWASP_Joomla_Vulnerability_Scanner_Project]] |
− | * [ | ||
− | |||
− | |||
+ | '''Documentation [Low Activity]''' | ||
+ | * [[OWASP_Appsec_Tutorial_Series|OWASP AppSec Tutorial Series]] | ||
+ | * [[:Category:OWASP_Legal_Project|OWASP Legal Project]] | ||
+ | * [[Virtual_Patching_Best_Practices|Virtual Patching Best Practices]] | ||
+ | * [[OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide|OWASP Secure Coding Practices - Quick Reference Guide]] | ||
= Flagship Projects = | = Flagship Projects = | ||
<font size=2pt> | <font size=2pt> | ||
==Flagship Projects== | ==Flagship Projects== | ||
+ | [[File:Flagship_banner.jpg]] | ||
− | The OWASP Flagship designation is given to projects that have demonstrated | + | The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole. |
+ | After a major review process [[https://www.owasp.org/index.php/LAB_Projects_Code_Analysis_Report More info here]] the following projects are considered to be flagship candidate projects. These project have been evaluated more deeply to confirm their flagship status: | ||
+ | ====Tools [Reviewed September 2014]==== | ||
− | + | * [[OWASP_Zed_Attack_Proxy_Project|OWASP Zed Attack Proxy]] | |
− | * [ | + | * [[OWASP_Web_Testing_Environment_Project|OWASP Web Testing Environment Project]] |
− | * [ | + | * [[OWASP_OWTF|OWASP OWTF]] |
− | * [ | + | * [[OWASP_Dependency_Check|OWASP Dependency Check]] |
− | * [ | ||
+ | ====Code [Reviewed November 2014]==== | ||
+ | * [[:Category:OWASP_ModSecurity_Core_Rule_Set_Project|OWASP ModSecurity Core Rule Set Project]] | ||
+ | * [[:Category:OWASP_CSRFGuard_Project|OWASP CSRFGuard Project]] | ||
+ | * [[OWASP_AppSensor_Project|OWASP AppSensor Project]] | ||
− | + | ====Documentation[Reviewed February 2015] in progress==== | |
− | + | * [[:Category:OWASP_Application_Security_Verification_Standard_Project|OWASP Application Security Verification Standard Project]] | |
− | + | * [[:Category:Software_Assurance_Maturity_Model|OWASP Software Assurance Maturity Model (SAMM)]] | |
− | * [ | + | * [[OWASP_AppSensor_Project|OWASP AppSensor Project]] |
− | + | * [[:Category:OWASP_Top_Ten_Project|OWASP Top Ten Project]] | |
− | + | * [[OWASP_Testing_Project|OWASP Testing Guide Project]] | |
− | |||
− | |||
− | |||
− | * [ | ||
− | |||
− | |||
− | |||
− | * [ | ||
− | * [ | ||
= Archived Projects = | = Archived Projects = | ||
Line 254: | Line 234: | ||
OWASP Archived Projects are inactive Labs projects. If you are interested in pursuing any of the projects below, please contact us and let us know of your interest. | OWASP Archived Projects are inactive Labs projects. If you are interested in pursuing any of the projects below, please contact us and let us know of your interest. | ||
− | + | * [https://www.owasp.org/index.php/OWASP_WebSandBox_Project OWASP WebSandBox Project] | |
+ | * [https://www.owasp.org/index.php/OWASP_Focus OWASP Focus] | ||
+ | * [https://www.owasp.org/index.php/Opa OWASP OPA] | ||
+ | * [https://www.owasp.org/index.php/OWASP_Web_Application_Security_Quick_Reference_Guide_Project OWASP Web Application Security Quick Reference Guide Project] | ||
+ | * [https://www.owasp.org/index.php/OWASP_Application_Security_Awareness_Top_10_E-learning_Project OWASP Application Security Awareness Top 10 E-learning Project] | ||
+ | * [https://www.owasp.org/index.php/Category:OWASP_CSRFTester_Project OWASP CSRFTester Project] | ||
+ | * [https://www.owasp.org/index.php/Category:OWASP_Wapiti_Project OWASP Wapiti Project] | ||
+ | * [https://www.owasp.org/index.php/OWASP_S.T.I.N.G_Project OWASP S.T.I.N.G Project] | ||
+ | * [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Assessment_Standards_Project OWASP Application Security Assessment Standards Project] | ||
+ | * [https://www.owasp.org/index.php/OWASP_XSSER OWASP XSSER] | ||
+ | * [https://www.owasp.org/index.php/OWASP_Passw3rd_Project OWASP Passw3rd Project] | ||
+ | * [https://www.owasp.org/index.php/Category:OWASP_CBT_Project OWASP Computer Based Training Project (OWASP CBT Project)] | ||
+ | * [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Requirements_Project OWASP Application Security Requirements Project] | ||
+ | * [https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project OWASP AntiSamy Project] | ||
+ | * [https://www.owasp.org/index.php/OWASP_Ultimatum_Project OWASP Ultimatum Project] | ||
+ | * [https://www.owasp.org/index.php/OWASP_STeBB_Project OWASP STeBB Project] | ||
+ | * [https://www.owasp.org/index.php/OWASP_Security_Labeling_System_Project OWASP Security Labeling System Project] | ||
+ | * [https://www.owasp.org/index.php/OWASP_Pygoat_Project OWASP Pygoat Project] | ||
+ | * [https://www.owasp.org/index.php/OWASP_HA_Vulnerability_Scanner_Project OWASP HA Vulnerability Scanner Project] | ||
+ | * [https://www.owasp.org/index.php/OWASP_Unmaskme_Project OWASP Unmaskme Project] | ||
+ | * [https://www.owasp.org/index.php/OWASP_Simple_Host_Base_Incidence_Detection_System_Project OWASP Simple Host Base Incidence Detection System Project] | ||
+ | * [https://www.owasp.org/index.php/OWASP_Wordpress_Security_Checklist_Project OWASP Wordpress Security Checklist Project] | ||
+ | * [https://www.owasp.org/index.php/OWASP_Windows_Binary_Executable_Files_Security_Checks_Project OWASP Windows Binary Executable Files Security Checks Project] | ||
+ | * [https://www.owasp.org/index.php/OWASP_WS_Amplification_DoS_Project OWASP WS-Amplification DoS Project] | ||
+ | * [https://www.owasp.org/index.php/OWASP_iSABEL_Proxy_Server OWASP iSABEL Proxy Server] | ||
+ | * [https://www.owasp.org/index.php/OWASP_Droid_Fusion OWASP Droid Fusion] | ||
+ | * [https://www.owasp.org/index.php/OWASP_Java_J2EE_Secure_Development_Curriculum OWASP Java/J2EE Secure Development Curriculum] | ||
+ | * [https://www.owasp.org/index.php/OWASP_OctoMS OWASP OctoMS] | ||
+ | * [https://www.owasp.org/index.php/OWASP_Web_Application_Security_Accessibility_Project#tab=Project_About OWASP Web Application Security Accessibility Project] | ||
+ | *[https://www.owasp.org/index.php/Category:OWASP_Java_Project OWASP Java Project] | ||
+ | * [https://www.owasp.org/index.php/OWASP_1-Liner OWASP 1-Liner] | ||
+ | * [https://www.owasp.org/index.php/OWASP_Good_Component_Practices_Project OWASP Good Component Practices Project] | ||
* [https://www.owasp.org/index.php/Category:OWASP_Access_Control_Rules_Tester_Project OWASP Access Control Rules Tester Project] | * [https://www.owasp.org/index.php/Category:OWASP_Access_Control_Rules_Tester_Project OWASP Access Control Rules Tester Project] | ||
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Metrics_Project OWASP Application Security Metrics Project] | * [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Metrics_Project OWASP Application Security Metrics Project] | ||
Line 340: | Line 351: | ||
* [https://www.owasp.org/index.php/OWASP_Framework_Security_Project OWASP Framework Security Project] | * [https://www.owasp.org/index.php/OWASP_Framework_Security_Project OWASP Framework Security Project] | ||
* [https://www.owasp.org/index.php/OWASP_Crowdtesting OWASP Crowdtesting] | * [https://www.owasp.org/index.php/OWASP_Crowdtesting OWASP Crowdtesting] | ||
+ | * [https://www.owasp.org/index.php/OWASP_OVAL_Content_Project OWASP OVAL Content Project] | ||
+ | * [https://www.owasp.org/index.php/OWASP_Software_Security_Assurance_Process OWASP Software Security Assurance Process] | ||
+ | * [https://www.owasp.org/index.php/OWASP_Application_Fuzzing_Framework_Project OWASP Application Fuzzing Framework Project] | ||
+ | * [https://www.owasp.org/index.php/OWASP_IoTs_Project OWASP IoTs Project] | ||
+ | * [https://www.owasp.org/index.php/ESAPI_Swingset OWASP ESAPI Swingset Project] | ||
+ | * [https://www.owasp.org/index.php/OWASP_VaultDB_Project OWASP VaultDB Project] | ||
+ | * [https://www.owasp.org/index.php/Category:OWASP_Mutillidae OWASP Mutillidae Project] | ||
+ | * [https://www.owasp.org/index.php/Project_Information:template_Yasca_Project OWASP Yasca Project] | ||
+ | * [https://www.owasp.org/index.php/OWASP_Exams_Project OWASP Exams Project] | ||
+ | * [https://www.owasp.org/index.php/OWASP_Security_Baseline_Project OWASP Security Baseline Project] | ||
+ | * [https://www.owasp.org/index.php/OWASP_OpenStack_Security_Project OWASP OpenStack Security Project] | ||
+ | * [https://www.owasp.org/index.php/OWASP_File_Format_Validation_Project OWASP File Format Validation Project] | ||
+ | * [[OWASP_SonarQube_Project|OWASP SonarQube Project]] | ||
</font> | </font> | ||
Line 348: | Line 372: | ||
* [https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project OWASP AntiSamy Project] | * [https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project OWASP AntiSamy Project] | ||
* [https://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API OWASP Enterprise Security API] | * [https://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API OWASP Enterprise Security API] | ||
− | * [https://www.owasp.org/index.php/ | + | * [https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project OWASP ModSecurity Core Rule Set Project] |
* [https://www.owasp.org/index.php/Category:OWASP_CSRFGuard_Project OWASPCSRF Guard Project] | * [https://www.owasp.org/index.php/Category:OWASP_CSRFGuard_Project OWASPCSRF Guard Project] | ||
* [https://www.owasp.org/index.php/Opa OWASP OPA] | * [https://www.owasp.org/index.php/Opa OWASP OPA] | ||
Line 371: | Line 395: | ||
* [https://www.owasp.org/index.php/OWASP_ISO_IEC_27034_Application_Security_Controls_Project OWASP ISO/IEC 27034 Application Security Controls Project] | * [https://www.owasp.org/index.php/OWASP_ISO_IEC_27034_Application_Security_Controls_Project OWASP ISO/IEC 27034 Application Security Controls Project] | ||
* [https://www.owasp.org/index.php/OWASP_Ultimatum_Project OWASP Ultimatum Project] | * [https://www.owasp.org/index.php/OWASP_Ultimatum_Project OWASP Ultimatum Project] | ||
+ | * [https://www.owasp.org/index.php/OWASP_Hardened_Phalcon_Project OWASP Hardened Phalcon Project] | ||
+ | * [https://www.owasp.org/index.php/OWASP_Faux_Bank_Project OWASP Faux Bank Project] | ||
==Tools== | ==Tools== | ||
Line 388: | Line 414: | ||
* [https://www.owasp.org/index.php/Category:OWASP_Wapiti_Project OWASP Wapiti Project] | * [https://www.owasp.org/index.php/Category:OWASP_Wapiti_Project OWASP Wapiti Project] | ||
* [https://www.owasp.org/index.php/Project_Information:template_Yasca_Project OWASP Yasca Project] | * [https://www.owasp.org/index.php/Project_Information:template_Yasca_Project OWASP Yasca Project] | ||
− | |||
* [https://www.owasp.org/index.php/OWASP_NAXSI_Project OWASP NAXSI Project] | * [https://www.owasp.org/index.php/OWASP_NAXSI_Project OWASP NAXSI Project] | ||
* [https://www.owasp.org/index.php/OWASP_Passw3rd_Project OWASP Passw3rd Project] | * [https://www.owasp.org/index.php/OWASP_Passw3rd_Project OWASP Passw3rd Project] | ||
Line 414: | Line 439: | ||
* [https://www.owasp.org/index.php/OWASP_Bywaf_Project OWASP Bywaf Project] | * [https://www.owasp.org/index.php/OWASP_Bywaf_Project OWASP Bywaf Project] | ||
* [https://www.owasp.org/index.php/OWASP_S.T.I.N.G_Project OWASP S.T.I.N.G Project] | * [https://www.owasp.org/index.php/OWASP_S.T.I.N.G_Project OWASP S.T.I.N.G Project] | ||
− | |||
* [https://www.owasp.org/index.php/OWASP_VaultDB_Project OWASP VaultDB Project] | * [https://www.owasp.org/index.php/OWASP_VaultDB_Project OWASP VaultDB Project] | ||
* [https://www.owasp.org/index.php/OWASP_WS_Amplification_DoS_Project OWASP WS-Amplification DoS Project] | * [https://www.owasp.org/index.php/OWASP_WS_Amplification_DoS_Project OWASP WS-Amplification DoS Project] | ||
Line 435: | Line 459: | ||
* [https://www.owasp.org/index.php/OWASP_NINJA_PingU_Project OWASP NINJA PingU Project] | * [https://www.owasp.org/index.php/OWASP_NINJA_PingU_Project OWASP NINJA PingU Project] | ||
* [https://www.owasp.org/index.php/OWASP_Encoder_Comparison_Reference_Project OWASP Encoder Comparison Reference Project] | * [https://www.owasp.org/index.php/OWASP_Encoder_Comparison_Reference_Project OWASP Encoder Comparison Reference Project] | ||
+ | *[https://www.owasp.org/index.php/OWASP_PHP_Security_Training_Project OWASP PHP Security Training Project] | ||
+ | *[https://www.owasp.org/index.php/Projects/OWASP_iOSForensic OWASP iOSForensic] | ||
+ | *[https://www.owasp.org/index.php/OWASP_Project_Metrics OWASP Project Metrics] | ||
+ | *[https://www.owasp.org/index.php/OWASP_Store_Sheep_Project OWASP Store Sheep Project] | ||
+ | *[https://www.owasp.org/index.php/OWASP_SonarQube_Project OWASP SonarQube Project] | ||
+ | *[https://www.owasp.org/index.php/OWASP_URL_Checker OWASP URL Checker] | ||
+ | *[https://www.owasp.org/index.php/OWASP_Juice_Shop_Project OWASP Juice Shop] | ||
==Documentation== | ==Documentation== | ||
Line 456: | Line 487: | ||
* [https://www.owasp.org/index.php/OWASP_Java_J2EE_Secure_Development_Curriculum OWASP Java/J2EE Secure Development Curriculum] | * [https://www.owasp.org/index.php/OWASP_Java_J2EE_Secure_Development_Curriculum OWASP Java/J2EE Secure Development Curriculum] | ||
* [https://www.owasp.org/index.php/OWASP_Security_Baseline_Project OWASP Security Baseline Project] | * [https://www.owasp.org/index.php/OWASP_Security_Baseline_Project OWASP Security Baseline Project] | ||
− | |||
* [https://www.owasp.org/index.php/OWASP_Web_Application_Security_Accessibility_Project#tab=Project_About OWASP Web Application Security Accessibility Project] | * [https://www.owasp.org/index.php/OWASP_Web_Application_Security_Accessibility_Project#tab=Project_About OWASP Web Application Security Accessibility Project] | ||
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Requirements_Project OWASP Application Security Requirements Project] | * [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Requirements_Project OWASP Application Security Requirements Project] | ||
Line 478: | Line 508: | ||
* [https://www.owasp.org/index.php/OWASP_Secure_Application_Design_Project OWASP Secure Application Design Project] | * [https://www.owasp.org/index.php/OWASP_Secure_Application_Design_Project OWASP Secure Application Design Project] | ||
* [https://www.owasp.org/index.php/OWASP_Top_10_Fuer_Entwickler_Project OWASP Top 10 Fuer Entwickler Project] | * [https://www.owasp.org/index.php/OWASP_Top_10_Fuer_Entwickler_Project OWASP Top 10 Fuer Entwickler Project] | ||
− | * [https://www.owasp.org/index.php/ | + | * [https://www.owasp.org/index.php/OWASP_Top_10_Privacy_Risks_Project OWASP Top 10 Privacy Risks] |
* [https://www.owasp.org/index.php/OWASP_Web_Application_Security_Quick_Reference_Guide_Project OWASP Web Application Security Quick Reference Guide Project] | * [https://www.owasp.org/index.php/OWASP_Web_Application_Security_Quick_Reference_Guide_Project OWASP Web Application Security Quick Reference Guide Project] | ||
* [https://www.owasp.org/index.php/OWASP_Windows_Binary_Executable_Files_Security_Checks_Project OWASP Windows Binary Executable Files Security Checks Project] | * [https://www.owasp.org/index.php/OWASP_Windows_Binary_Executable_Files_Security_Checks_Project OWASP Windows Binary Executable Files Security Checks Project] | ||
Line 500: | Line 530: | ||
* [https://www.owasp.org/index.php/OWASP_Research_Book_Project OWASP Research Book Project] | * [https://www.owasp.org/index.php/OWASP_Research_Book_Project OWASP Research Book Project] | ||
* [https://www.owasp.org/index.php/OWASP_Open_Cyber_Security_Framework_Project OWASP Open Cyber Security Framework Project] | * [https://www.owasp.org/index.php/OWASP_Open_Cyber_Security_Framework_Project OWASP Open Cyber Security Framework Project] | ||
− | + | * [https://www.owasp.org/index.php/OWASP_Top_Trumps_for_Projects OWASP Top Trumps for Projects] | |
<headertabs /> | <headertabs /> |
Latest revision as of 23:13, 5 April 2018
Redirect to:
|
|
---|---|
- Quick Guides to OWASP Projects
- Incubator Projects
- Labs Projects
- Flagship Projects
- Archived Projects
- OWASP Project Types
Labs Projects
OWASP Labs projects represent projects that have produced a deliverable of value. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are at least ready for mainstream usage.
Thumbs up
Thumbs up are given to LAB projects showing a steady progress in their development, had very active and continuous releases and commits, regular update of information on their wiki page and have quite complete documentation. These projects are almost ready to become flagship
Tools [Reviewed February 2015]
- O-Saft
- OWASP Dependency Track Project
- OWASP EnDe Project
- OWASP Hackademic Challenges Project
- OWASP Mantra Security Framework
- OWASP Mobile Security Project
- OWASP O2 Platform
- OWASP Passfault
- OWASP Security Ninjas Appsec Training
- OWASP Security Shepherd
- OWASP WebGoat Project
- OWASP Xenotix XSS Exploit Framework
- OWASP iMAS - iOS Mobile Application Security Project
- OWASP Juice Shop Project
Documentation [In Progress-Results by February/March 2015]
- OWASP Application Security Guide For CISOs
- OWASP Cheat Sheets Project
- OWASP CISO Survey
- OWASP Code Review Guide Project
- OWASP Codes of Conduct
- OWASP Cornucopia
- OWASP Development Guide Project
- OWASP Podcast Project
- OWASP Proactive Controls
- OWASP Internet of Things Top Ten Project
- OWASP Top 10 Privacy Risks Project
Contests
Code [Reviewed February 2015]
Low Activity (LABS)[Reviewed February 2015]
These projects had no releases in at least a year, however have shown to be valuable tools
Code [Low Activity]
- OWASP Vicnum Project
- OWASP Broken Web Applications Project
- OWASP_Joomla_Vulnerability_Scanner_Project
Documentation [Low Activity]
Flagship Projects
The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole. After a major review process [More info here] the following projects are considered to be flagship candidate projects. These project have been evaluated more deeply to confirm their flagship status:
Tools [Reviewed September 2014]
Code [Reviewed November 2014]
Documentation[Reviewed February 2015] in progress
Archived Projects
OWASP Archived Projects are inactive Labs projects. If you are interested in pursuing any of the projects below, please contact us and let us know of your interest.
- OWASP WebSandBox Project
- OWASP Focus
- OWASP OPA
- OWASP Web Application Security Quick Reference Guide Project
- OWASP Application Security Awareness Top 10 E-learning Project
- OWASP CSRFTester Project
- OWASP Wapiti Project
- OWASP S.T.I.N.G Project
- OWASP Application Security Assessment Standards Project
- OWASP XSSER
- OWASP Passw3rd Project
- OWASP Computer Based Training Project (OWASP CBT Project)
- OWASP Application Security Requirements Project
- OWASP AntiSamy Project
- OWASP Ultimatum Project
- OWASP STeBB Project
- OWASP Security Labeling System Project
- OWASP Pygoat Project
- OWASP HA Vulnerability Scanner Project
- OWASP Unmaskme Project
- OWASP Simple Host Base Incidence Detection System Project
- OWASP Wordpress Security Checklist Project
- OWASP Windows Binary Executable Files Security Checks Project
- OWASP WS-Amplification DoS Project
- OWASP iSABEL Proxy Server
- OWASP Droid Fusion
- OWASP Java/J2EE Secure Development Curriculum
- OWASP OctoMS
- OWASP Web Application Security Accessibility Project
- OWASP Java Project
- OWASP 1-Liner
- OWASP Good Component Practices Project
- OWASP Access Control Rules Tester Project
- OWASP Application Security Metrics Project
- OWASP AppSec FAQ Project
- OWASP ASDR Project
- OWASP Backend Security Project
- OWASP Best Practices: Use of Web Application Firewalls
- OWASP CAL9000 Project
- OWASP CLASP Project
- OWASP CodeCrawler Project
- OWASP Content Validation using Java Annotations Project
- OWASP DirBuster Project
- OWASP Encoding Project
- OWASP Google Hacking Project
- OWASP Insecure Web App Project
- OWASP Interceptor Project
- OWASP JSP Testing Tool Project
- OWASP LiveCD Education Project
- OWASP Logging Guide
- OWASP NetBouncer Project
- OWASP OpenPGP Extensions for HTTP - Enigform and mod_openpgp Project
- OWASP OpenSign Server Project
- OWASP Pantera Web Assessment Studio Project
- OWASP PHP Project
- OWASP Report Generator
- OWASP Scholastic Application Security Assessment Project
- OWASP Security Analysis of Core J2EE Design Patterns Project
- OWASP Security Spending Benchmarks Project
- OWASP Site Generator Project
- OWASP Skavenger Project
- OWASP Source Code Flaws Top 10 Project
- OWASP Sprajax Project
- OWASP Sqlibench Project
- OWASP Stinger Project
- OWASP Teachable Static Analysis Workbench Project
- OWASP Tiger
- OWASP Tools Project
- OWASP Uniform Reporting Guidelines
- OWASP Webekci Project
- JBroFuzz
- OWASP SWAAT Project
- OWASP Secure Web Application Framework Manifesto
- OWASP Scrubbr
- OWASP JavaScript Sandboxes Project
- OWASP Joomla Vulnerability Scanner Project
- OWASP Hatkit Datafiddler Project
- OWASP Hatkit Proxy Project
- OWASP Fiddler Addons for Security Testing Project
- OWASP Forward Exploit Tool Project
- OWASP Fuzzing Code Database
- OWASP Cloud ‐ 10 Project
- OWASP Web Browser Testing System Project
- OWASP WebScarab Project
- OWASP Webslayer Project
- OWASP WSFuzzer Project
- OWASP Security Assurance Testing of Virtual Worlds Project
- OWASP WAF Project
- OWASP VFW Project
- OWASP SIMBA Project
- OWASP ONYX
- OWASP Java Uncertain Form Submit Prevention
- OWASP Ecuador
- OWASP ESOP Framework
- OWASP Alchemist Project
- OWASP Secure the Flag Project
- OWASP Browser Security ACID Test Project
- OWASP AJAX Crawling Tool
- OWASP Threat Modeling Project
- OWASP Crossword of the Month
- OWASP Secure Password Project
- OWASP Myth Breakers Project
- OWASP Project Partnership Model
- OWASP Browser Security Project
- OWASP Application Security Program for Managers
- OWASP Favicon Database Project
- OWASP Security JDIs Project
- OWASP File Hash Repository
- OWASP Application Security Skills Assessment
- OWASP Common Numbering Project
- OWASP WhatTheFuzz Project
- OWASP Security Tools for Developers Project
- OWASP Proxy Project
- OWASP Desktop Goat and Top 5 Project
- OWASP AW00t
- OWASP Framework Security Project
- OWASP Crowdtesting
- OWASP OVAL Content Project
- OWASP Software Security Assurance Process
- OWASP Application Fuzzing Framework Project
- OWASP IoTs Project
- OWASP ESAPI Swingset Project
- OWASP VaultDB Project
- OWASP Mutillidae Project
- OWASP Yasca Project
- OWASP Exams Project
- OWASP Security Baseline Project
- OWASP OpenStack Security Project
- OWASP File Format Validation Project
- OWASP SonarQube Project
Code
- OWASP AntiSamy Project
- OWASP Enterprise Security API
- OWASP ModSecurity Core Rule Set Project
- OWASPCSRF Guard Project
- OWASP OPA
- OWASP Java Encoder Project
- OWASP Passfault
- OWASP OctoMS
- OWASP JSON Sanitizer
- OWASP Security Research and Development Framework
- OWASP 1-Liner
- OWASP Focus
- OWASP PHPRBAC Project
- OWASP EJSF Project
- OWASP Barbarus
- OWASP iMAS - iOS Mobile Application Security Project
- OWASP RBAC Project
- OWASP PHP Security Project
- OWASP Simple Host Base Incidence Detection System Project
- OWASP File Format Validation Project
- OWASP JAWS Project
- OWASP Node.js Goat Project
- OWASP System Vulnerable Code Project
- OWASP ISO/IEC 27034 Application Security Controls Project
- OWASP Ultimatum Project
- OWASP Hardened Phalcon Project
- OWASP Faux Bank Project
Tools
- OWASP Web Testing Environment Project
- OWASP WebGoat Project
- OWASP Zed Attack Proxy
- OWASP Broken Web Applications Project
- OWAsP CSRFTester Project
- OWASP EnDe Project
- OWASP Hackademic Challenges Project
- OWASP HTTP Post Tool
- OWASP Java XML Templates Project
- OWASP Mantra Security Framework
- OWASP Mutillidae Project
- OWASP O2 Platform
- OWASP Vicnum Project
- OWASP Wapiti Project
- OWASP Yasca Project
- OWASP NAXSI Project
- OWASP Passw3rd Project
- OWASP File Hash Repository
- OWASP WebGoat.NET
- OWASP OWTF
- OWASP Path Traverser
- OWASP Watiqay
- OWASP Security Shepherd
- OWASP Xenotix XSS Exploit Framework
- OWASP Mantra OS
- OWASP XSSER
- OWASP Academy Portal Project
- OWASP ASIDE Project
- OWASP iGoat Project
- OWASP SamuraiWTF
- O-Saft
- OWASP OpenStack Security Project
- OWASP Bricks
- OWASP Dependency Check
- OWASP Hive Project
- OWASP Droid Fusion
- OWASP iSABEL Proxy Server
- OWASP Rails Goat Project
- OWASP Bywaf Project
- OWASP S.T.I.N.G Project
- OWASP VaultDB Project
- OWASP WS-Amplification DoS Project
- OWASP Mutillidae 2 Project
- OWASP Skanda - SSRF Exploitation Framework
- OWASP SeraphimDroid Project
- OWASP Unmaskme Project
- OWASP Androïck Project
- OWASP SafeNuGet Project
- OWASP WebSandBox Project
- OWASP HA Vulnerability Scanner Project
- OWASP Dependency Track Project
- OWASP PHP Portscaner Project
- OWASP Java HTML Sanitizer Project
- OWASP Pygoat Project
- OWASP Python Security Project
- OWASP Web Knocking Project
- OWASP Financial Information Exchange Security Project
- OWASP STeBB Project
- OWASP NINJA PingU Project
- OWASP Encoder Comparison Reference Project
- OWASP PHP Security Training Project
- OWASP iOSForensic
- OWASP Project Metrics
- OWASP Store Sheep Project
- OWASP SonarQube Project
- OWASP URL Checker
- OWASP Juice Shop
Documentation
- OWASP Application Security Verification Standard Project
- OWASP Code Review Project
- OWASP Codes of Conduct
- OWASP Development Guide Project
- OWASP Secure Coding Practices - Quick Reference Guide
- OWASP Software Assurance Maturity Model(SAMM)
- OWASP Testing Guide Project
- OWASP Top Ten Project
- OWASP AppSec Tutorial Series
- OWASP AppSensor Project
- OWASP CTF Project
- OWASP Legal Project
- OWASP Podcast Project
- Virtual Patching Best Practices
- OWASP Data Exchange Format Project
- OWASP Cheat Sheets Project
- OWASP Proactive Controls
- OWASP Java/J2EE Secure Development Curriculum
- OWASP Security Baseline Project
- OWASP Web Application Security Accessibility Project
- OWASP Application Security Requirements Project
- OWASP Application Security Assessment Standards Project
- OWASP Computer Based Training Project (OWASP CBT Project)
- OWASP Enterprise Application Security Project
- OWASP Exams Project
- OWASP GoatDroid Project
- OWASP Request For Proposal
- OWASP University Challenge
- OWASP Hacking-Lab
- OWASP Application Security Awareness Top 10 E-learning Project
- OWASP Periodic Table of Vulnerabilities
- WASC/OWASP Web Application Firewall Evaluation Criteria (WAFEC)
- OWASP ESAPI Swingset Project
- OWASP Press
- OWASP CISO Survey
- OWASP Application Security Guide For CISOs
- OWASP Scada Security Project
- OWASP Cornucopia
- OWASP Secure Application Design Project
- OWASP Top 10 Fuer Entwickler Project
- OWASP Top 10 Privacy Risks
- OWASP Web Application Security Quick Reference Guide Project
- OWASP Windows Binary Executable Files Security Checks Project
- OWASP Wordpress Security Checklist Project
- OWASP Supporting Legacy Web Applications in the Current Environment Project
- OWASP Security Principles Project
- OWASP Ruby on Rails and friends Security Guide Project
- OWASP Media Project
- OWASP Global Chapter Meetings Project
- OWASP Vulnerable Web Applications Directory Project
- OWASP Game Security Framework Project
- OWASP Security Labeling System Project
- OWASP IoTs Project
- OWASP Insecure Web Components Project
- OWASP Reverse Engineering and Code Modification Prevention Project
- OWASP Student Chapters Project
- OWASP Education Project
- OWASP Speakers Project
- OWASP Internet of Things Top Ten Project
- OWASP .NET Project
- OWASP Research Book Project
- OWASP Open Cyber Security Framework Project
- OWASP Top Trumps for Projects