This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Category:OWASP Project"
From OWASP
Deleted user (talk | contribs) |
Deleted user (talk | contribs) |
||
| Line 27: | Line 27: | ||
; [[:Category:OWASP AntiSamy Project|OWASP AntiSamy Java Project]] | ; [[:Category:OWASP AntiSamy Project|OWASP AntiSamy Java Project]] | ||
| − | : an API for validating rich HTML/CSS input from users without exposure to cross-site scripting and phishing attacks | + | : an API for validating rich HTML/CSS input from users without exposure to cross-site scripting and phishing attacks (Assessment Criteria v1.0) |
; [[:Category:OWASP Enterprise Security API|OWASP Enterprise Security API (ESAPI) Project]] | ; [[:Category:OWASP Enterprise Security API|OWASP Enterprise Security API (ESAPI) Project]] | ||
| − | : a free and open collection of all the security methods that a developer needs to build a secure web application. | + | : a free and open collection of all the security methods that a developer needs to build a secure web application. (Assessment Criteria v1.0) |
| Line 36: | Line 36: | ||
; [[:Category:OWASP Live CD Project|OWASP Live CD Project]] | ; [[:Category:OWASP Live CD Project|OWASP Live CD Project]] | ||
| − | : this CD collects some of the best open source security projects in a single environment. Web developers, testers and security professionals can boot from this Live CD and have access to a full security testing suite. | + | : this CD collects some of the best open source security projects in a single environment. Web developers, testers and security professionals can boot from this Live CD and have access to a full security testing suite. (Assessment Criteria v1.0) |
; [[:Category:OWASP WebScarab Project|OWASP WebScarab Project]] | ; [[:Category:OWASP WebScarab Project|OWASP WebScarab Project]] | ||
| − | : a tool for performing all types of security testing on web applications and web services | + | : a tool for performing all types of security testing on web applications and web services (Assessment Criteria v1.0) |
| Line 45: | Line 45: | ||
; [[:Category:OWASP WebGoat Project|OWASP WebGoat Project]] | ; [[:Category:OWASP WebGoat Project|OWASP WebGoat Project]] | ||
| − | : an online training environment for hands-on learning about application security | + | : an online training environment for hands-on learning about application security (Assessment Criteria v1.0) |
| Line 54: | Line 54: | ||
; [[:Category:OWASP Guide Project|OWASP Development Guide]] | ; [[:Category:OWASP Guide Project|OWASP Development Guide]] | ||
| − | : a massive document covering all aspects of web application and web service security | + | : a massive document covering all aspects of web application and web service security (Assessment Criteria v1.0) |
; [[:Category:OWASP Ruby on Rails Security Guide V2 | OWASP Ruby on Rails Security Guide V2]] | ; [[:Category:OWASP Ruby on Rails Security Guide V2 | OWASP Ruby on Rails Security Guide V2]] | ||
| − | : this Project is the one and only source of information about Rails security topics. | + | : this Project is the one and only source of information about Rails security topics. (Assessment Criteria v1.0) |
| Line 63: | Line 63: | ||
; [[:Category:OWASP Code Review Project|OWASP Code Review Guide]] | ; [[:Category:OWASP Code Review Project|OWASP Code Review Guide]] | ||
| − | : a project to capture best practices for reviewing code. | + | : a project to capture best practices for reviewing code. (Assessment Criteria v1.0) |
; [[:Category:OWASP Testing Project|OWASP Testing Guide]] | ; [[:Category:OWASP Testing Project|OWASP Testing Guide]] | ||
| − | : a project focused on application security testing procedures and checklists | + | : a project focused on application security testing procedures and checklists (Assessment Criteria v1.0) |
; [[:Category:OWASP Top Ten Project|OWASP Top Ten Project]] | ; [[:Category:OWASP Top Ten Project|OWASP Top Ten Project]] | ||
| − | : an awareness document that describes the top ten web application security vulnerabilities | + | : an awareness document that describes the top ten web application security vulnerabilities (Assessment Criteria v1.0) |
| Line 75: | Line 75: | ||
; [[:Category:OWASP AppSec FAQ Project|OWASP AppSec FAQ Project]] | ; [[:Category:OWASP AppSec FAQ Project|OWASP AppSec FAQ Project]] | ||
| − | : FAQ covering many application security topics | + | : FAQ covering many application security topics (Assessment Criteria v1.0) |
; [[:Category:OWASP Legal Project|OWASP Legal Project]] | ; [[:Category:OWASP Legal Project|OWASP Legal Project]] | ||
| − | : a project focused on providing contract language for acquiring secure software | + | : a project focused on providing contract language for acquiring secure software (Assessment Criteria v1.0) |
; [[:Category:OWASP Source Code Review OWASP Projects Project|OWASP Source Code Review for OWASP-Projects]] | ; [[:Category:OWASP Source Code Review OWASP Projects Project|OWASP Source Code Review for OWASP-Projects]] | ||
| − | : a workflow for OWASP projects to incorporate static analysis into the Software Development Life Cycle (SDLC). | + | : a workflow for OWASP projects to incorporate static analysis into the Software Development Life Cycle (SDLC). (Assessment Criteria v1.0) |
| Line 109: | Line 109: | ||
; [[:Category:OWASP AntiSamy Project .NET|OWASP AntiSamy .NET Project]] | ; [[:Category:OWASP AntiSamy Project .NET|OWASP AntiSamy .NET Project]] | ||
| − | : an API for validating rich HTML/CSS input from users without exposure to cross-site scripting and phishing attacks. | + | : an API for validating rich HTML/CSS input from users without exposure to cross-site scripting and phishing attacks. (Assessment Criteria v1.0) |
; [[:Category:OWASP CSRFGuard Project|OWASP CSRFGuard Project]] | ; [[:Category:OWASP CSRFGuard Project|OWASP CSRFGuard Project]] | ||
| − | : a J2EE filter that implements a unique request token to mitigate CSRF attacks | + | : a J2EE filter that implements a unique request token to mitigate CSRF attacks (Assessment Criteria v1.0) |
; [[:Category:OWASP DirBuster Project|OWASP DirBuster Project]] | ; [[:Category:OWASP DirBuster Project|OWASP DirBuster Project]] | ||
| − | :DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers. | + | :DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers. (Assessment Criteria v1.0) |
; [[:Category:OWASP Encoding Project|OWASP Encoding Project]] | ; [[:Category:OWASP Encoding Project|OWASP Encoding Project]] | ||
| − | : a project focused on the development of encoding best practices for web applications. | + | : a project focused on the development of encoding best practices for web applications. (Assessment Criteria v1.0) |
; [[:Category:OWASP .NET Project|OWASP .NET Research]] | ; [[:Category:OWASP .NET Project|OWASP .NET Research]] | ||
| − | : a project focused on helping .NET developers build secure applications | + | : a project focused on helping .NET developers build secure applications (Assessment Criteria v1.0) |
; [[:Category:OWASP OpenSign Server Project|OWASP OpenSign Server Project]] | ; [[:Category:OWASP OpenSign Server Project|OWASP OpenSign Server Project]] | ||
| − | : the purpose of this project would be to build and host a feature-rich server and suite of client utilities with adequate secure hardware to ensure the integrity of code modules. | + | : the purpose of this project would be to build and host a feature-rich server and suite of client utilities with adequate secure hardware to ensure the integrity of code modules. (Assessment Criteria v1.0) |
| Line 130: | Line 130: | ||
; [[:Category:OWASP Access Control Rules Tester Project|OWASP Access Control Rules Tester Project]] | ; [[:Category:OWASP Access Control Rules Tester Project|OWASP Access Control Rules Tester Project]] | ||
| − | : this project is intended to have two deliverables: research technical report (publication ready article) and an Access Control Rules Tester tool. | + | : this project is intended to have two deliverables: research technical report (publication ready article) and an Access Control Rules Tester tool. (Assessment Criteria v1.0) |
; [[:Category:OWASP LAPSE Project|OWASP LAPSE Project]] | ; [[:Category:OWASP LAPSE Project|OWASP LAPSE Project]] | ||
| − | : an Eclipse-based source-code static analysis tool for Java | + | : an Eclipse-based source-code static analysis tool for Java (Assessment Criteria v1.0) |
; [[:Category:OWASP Orizon Project|OWASP Orizon Project]] | ; [[:Category:OWASP Orizon Project|OWASP Orizon Project]] | ||
| − | : the goal of this project is to develop an extensible code review engine to be used from source code assessment tools. | + | : the goal of this project is to develop an extensible code review engine to be used from source code assessment tools. (Assessment Criteria v1.0) |
; [[:Category:OWASP Pantera Web Assessment Studio Project|OWASP Pantera Web Assessment Studio Project]] | ; [[:Category:OWASP Pantera Web Assessment Studio Project|OWASP Pantera Web Assessment Studio Project]] | ||
| − | : a project focused on combining automated capabilities with complete manual testing to get the best results | + | : a project focused on combining automated capabilities with complete manual testing to get the best results (Assessment Criteria v1.0) |
; [[ORG_%28Owasp_Report_Generator%29|OWASP Report Generator]] | ; [[ORG_%28Owasp_Report_Generator%29|OWASP Report Generator]] | ||
| − | : a project giving security professionals a way to report and keep track of their projects | + | : a project giving security professionals a way to report and keep track of their projects (Assessment Criteria v1.0) |
; [[Owasp_SiteGenerator|OWASP Site Generator]] | ; [[Owasp_SiteGenerator|OWASP Site Generator]] | ||
| − | : a project allowing users to create dynamic sites for use in training, web application scanner testing, etc... | + | : a project allowing users to create dynamic sites for use in training, web application scanner testing, etc... (Assessment Criteria v1.0) |
; [[:Category:OWASP Skavenger Project|OWASP Skavenger Project]] | ; [[:Category:OWASP Skavenger Project|OWASP Skavenger Project]] | ||
| − | : is a web application security assessment tool kit that passively analyses traffic logged by various MITM proxies as well as other sources and helps to identify various kinds of possible vulnerabilities. | + | : is a web application security assessment tool kit that passively analyses traffic logged by various MITM proxies as well as other sources and helps to identify various kinds of possible vulnerabilities. (Assessment Criteria v1.0) |
; [[:Category:OWASP SQLiX Project|OWASP SQLiX Project]] | ; [[:Category:OWASP SQLiX Project|OWASP SQLiX Project]] | ||
| − | : a project focused on the development of SQLiX, a full perl-based SQL scanner | + | : a project focused on the development of SQLiX, a full perl-based SQL scanner (Assessment Criteria v1.0) |
; [[:Category:OWASP Sqlibench Project|OWASP Sqlibench Project]] | ; [[:Category:OWASP Sqlibench Project|OWASP Sqlibench Project]] | ||
| − | : this is a benchmarking project of automatic sql injectors related to dumping databases. | + | : this is a benchmarking project of automatic sql injectors related to dumping databases. (Assessment Criteria v1.0) |
; [[OWASP_Tiger|OWASP Tiger]] | ; [[OWASP_Tiger|OWASP Tiger]] | ||
| − | : OWASP Tiger is a Windows application originally intended to be used for automating the process of testing various known ASP.NET security issues in hosted environments. However, it is much more versatile than that: it can help you construct and send a HTTP requests, receive and analyze the responses, match them against a set of conditions to produce alerts, notifications that something is wrong with the application(s) or service(s) being tested. | + | : OWASP Tiger is a Windows application originally intended to be used for automating the process of testing various known ASP.NET security issues in hosted environments. However, it is much more versatile than that: it can help you construct and send a HTTP requests, receive and analyze the responses, match them against a set of conditions to produce alerts, notifications that something is wrong with the application(s) or service(s) being tested. (Assessment Criteria v1.0) |
; [[:Category:OWASP WeBekci Project|OWASP WeBekci Project]] | ; [[:Category:OWASP WeBekci Project|OWASP WeBekci Project]] | ||
| − | : OWASP WeBekci is a web based ModSecurity 2.x management tool. WeBekci is written in PHP, Its backend is powered by MySQL and the frontend by XAJAX framework. | + | : OWASP WeBekci is a web based ModSecurity 2.x management tool. WeBekci is written in PHP, Its backend is powered by MySQL and the frontend by XAJAX framework. (Assessment Criteria v1.0) |
; [[:Category:OWASP WSFuzzer Project|OWASP WSFuzzer Project]] | ; [[:Category:OWASP WSFuzzer Project|OWASP WSFuzzer Project]] | ||
| − | : a project focused on the development of WSFuzzer, a full python-based Web Services SOAP fuzzer | + | : a project focused on the development of WSFuzzer, a full python-based Web Services SOAP fuzzer (Assessment Criteria v1.0) |
| Line 169: | Line 169: | ||
; [[:Category:OWASP LiveCD Education Project|OWASP Live CD Education Project]] | ; [[:Category:OWASP LiveCD Education Project|OWASP Live CD Education Project]] | ||
| − | : an educational supplement project containing tutorials, challenges and videos detailing the use of tools contained within the OWASP LiveCD - LabRat. This project was sponsored by [[OWASP Spring Of Code 2007|OWASP Spring Of Code 2007]] and [http://www.securitydistro.com/ Security Distro] | + | : an educational supplement project containing tutorials, challenges and videos detailing the use of tools contained within the OWASP LiveCD - LabRat. This project was sponsored by [[OWASP Spring Of Code 2007|OWASP Spring Of Code 2007]] and [http://www.securitydistro.com/ Security Distro] (Assessment Criteria v1.0) |
; [[:Category:OWASP Teachable Static Analysis Workbench Project|OWASP Teachable Static Analysis Workbench Project]] | ; [[:Category:OWASP Teachable Static Analysis Workbench Project|OWASP Teachable Static Analysis Workbench Project]] | ||
| − | : this project is intended to have two deliverables: research technical report (publication ready article) and a workbench prototype. | + | : this project is intended to have two deliverables: research technical report (publication ready article) and a workbench prototype. (Assessment Criteria v1.0) |
</td><td> | </td><td> | ||
| Line 179: | Line 179: | ||
; [[:Category:OWASP AppSensor Project|OWASP AppSensor Project]] | ; [[:Category:OWASP AppSensor Project|OWASP AppSensor Project]] | ||
| − | : a framework for detecting and responding to attacks from within the application. | + | : a framework for detecting and responding to attacks from within the application. (Assessment Criteria v1.0) |
; [[:Category:OWASP Backend Security Project|OWASP Backend Security Project]] | ; [[:Category:OWASP Backend Security Project|OWASP Backend Security Project]] | ||
| − | : this is a new project created to improve and to collect the existant information about the backend security. | + | : this is a new project created to improve and to collect the existant information about the backend security. (Assessment Criteria v1.0) |
; [[:Category:OWASP .NET Project|OWASP .NET Project]] | ; [[:Category:OWASP .NET Project|OWASP .NET Project]] | ||
| − | : the purpose of the this project is to provide a central repository of information and tools for software professionals that use the Microsoft .NET Framework for web applications and services. | + | : the purpose of the this project is to provide a central repository of information and tools for software professionals that use the Microsoft .NET Framework for web applications and services. (Assessment Criteria v1.0) |
; [[:Category:OWASP Securing WebGoat using ModSecurity Project |OWASP Securing WebGoat using ModSecurity Project]] | ; [[:Category:OWASP Securing WebGoat using ModSecurity Project |OWASP Securing WebGoat using ModSecurity Project]] | ||
| − | : the purpose of this project is to create custom Modsecurity rulesets that will protect WebGoat 5.2 from as many of its vulnerabilities as possible (the goal is 90%) without changing one line of source code. | + | : the purpose of this project is to create custom Modsecurity rulesets that will protect WebGoat 5.2 from as many of its vulnerabilities as possible (the goal is 90%) without changing one line of source code. (Assessment Criteria v1.0) |
| Line 194: | Line 194: | ||
; [[:Category:OWASP Application Security Verification Standard Project | OWASP Application Security Verification Standard Project]] | ; [[:Category:OWASP Application Security Verification Standard Project | OWASP Application Security Verification Standard Project]] | ||
| − | : The ASVS defines a standard for conducting application security verifications. It covers both automated and manual approaches for assessing applications using both external testing and code review techniques. | + | : The ASVS defines a standard for conducting application security verifications. It covers both automated and manual approaches for assessing applications using both external testing and code review techniques. (Assessment Criteria v1.0) |
; [[:Category:OWASP Tools Project|OWASP Tools Project]] | ; [[:Category:OWASP Tools Project|OWASP Tools Project]] | ||
| − | : the OWASP Tools Project's goal is to provide unbiased, practical information and guidance about application security tools. | + | : the OWASP Tools Project's goal is to provide unbiased, practical information and guidance about application security tools. (Assessment Criteria v1.0) |
| Line 203: | Line 203: | ||
; [[:Category:OWASP CLASP Project|OWASP CLASP Project]] | ; [[:Category:OWASP CLASP Project|OWASP CLASP Project]] | ||
| − | : a project focused on defining process elements that reinforce application security | + | : a project focused on defining process elements that reinforce application security (Assessment Criteria v1.0) |
; [[:Category:OWASP Education Project|OWASP Education Project]] | ; [[:Category:OWASP Education Project|OWASP Education Project]] | ||
| − | : a project to build educational tracks and modules for different audiences. | + | : a project to build educational tracks and modules for different audiences. (Assessment Criteria v1.0) |
; [[OWASP_Internationalization | OWASP Internationalization Project]] | ; [[OWASP_Internationalization | OWASP Internationalization Project]] | ||
| − | : general guidelines to start a new translation project for OWASP site and projects. | + | : general guidelines to start a new translation project for OWASP site and projects. (Assessment Criteria v1.0) |
; [[OWASP_Spanish | OWASP Spanish Project]] | ; [[OWASP_Spanish | OWASP Spanish Project]] | ||
| − | : first translation effort to make OWASP site and project completely available in Spanish language. | + | : first translation effort to make OWASP site and project completely available in Spanish language. (Assessment Criteria v1.0) |
| Line 235: | Line 235: | ||
; [[:Category:OWASP Application Security Tool Benchmarking Environment and Site Generator Refresh Project|OWASP Application Security Tool Benchmarking Environment and Site Generator Refresh Project]] | ; [[:Category:OWASP Application Security Tool Benchmarking Environment and Site Generator Refresh Project|OWASP Application Security Tool Benchmarking Environment and Site Generator Refresh Project]] | ||
| − | : The idea is to split destination web application technology from the three reusable libraries: library of navigational elements, library of vulnerabilities and library of language constructs. | + | : The idea is to split destination web application technology from the three reusable libraries: library of navigational elements, library of vulnerabilities and library of language constructs. (Assessment Criteria v1.0) |
; [[:Category:OWASP Code Crawler|OWASP Code Crawler]] | ; [[:Category:OWASP Code Crawler|OWASP Code Crawler]] | ||
| − | : this tool is aimed at assisting code review practitioners. It is a static code review tool which searches for key topics within .NET and J2EE/JAVA code. | + | : this tool is aimed at assisting code review practitioners. It is a static code review tool which searches for key topics within .NET and J2EE/JAVA code. (Assessment Criteria v1.0) |
; [[:Category:OWASP CSRFTester Project|OWASP CSRFTester Project]] | ; [[:Category:OWASP CSRFTester Project|OWASP CSRFTester Project]] | ||
| − | : gives developers the ability to test their applications for CSRF flaws | + | : gives developers the ability to test their applications for CSRF flaws (Assessment Criteria v1.0) |
; [[:Category:OWASP EnDe|OWASP EnDe Project]] | ; [[:Category:OWASP EnDe|OWASP EnDe Project]] | ||
| − | : This tool is an encoder, decoder, converter, transformer, calculator, for various codings used in the wild wide web. | + | : This tool is an encoder, decoder, converter, transformer, calculator, for various codings used in the wild wide web. (Assessment Criteria v1.0) |
; [[:Category:OWASP Google Hacking Project|OWASP Google Hacking Project]] | ; [[:Category:OWASP Google Hacking Project|OWASP Google Hacking Project]] | ||
| − | : Google SOAP Search API with Perl | + | : Google SOAP Search API with Perl (Assessment Criteria v1.0) |
; [[:Category:OWASP Insecure Web App Project|OWASP Insecure Web App Project]] | ; [[:Category:OWASP Insecure Web App Project|OWASP Insecure Web App Project]] | ||
| − | : a web application that includes common web application vulnerabilities | + | : a web application that includes common web application vulnerabilities (Assessment Criteria v1.0) |
; [[:Category:OWASP JBroFuzz|OWASP JBroFuzz Project]] | ; [[:Category:OWASP JBroFuzz|OWASP JBroFuzz Project]] | ||
| − | : a web application fuzzer for requests being made over HTTP and/or HTTPS. Its purpose is to provide a single, portable application that offers stable web protocol fuzzing capabilities. This project was sponsored by [[OWASP Spring Of Code 2007|OWASP Spring Of Code 2007]] | + | : a web application fuzzer for requests being made over HTTP and/or HTTPS. Its purpose is to provide a single, portable application that offers stable web protocol fuzzing capabilities. This project was sponsored by [[OWASP Spring Of Code 2007|OWASP Spring Of Code 2007]] (Assessment Criteria v1.0) |
; [[:Category:OWASP JSP Testing Tool Project|OWASP JSP Testing Tool Project]] | ; [[:Category:OWASP JSP Testing Tool Project|OWASP JSP Testing Tool Project]] | ||
| − | : the goal of this project is to create an easy to use, freely available tool that can be used to quickly ascertain the level of protection that each component of a JSP tag library offers. | + | : the goal of this project is to create an easy to use, freely available tool that can be used to quickly ascertain the level of protection that each component of a JSP tag library offers. (Assessment Criteria v1.0) |
; [[:Category:OWASP Learn About Encoding Project|OWASP Learn About Encoding Project]] | ; [[:Category:OWASP Learn About Encoding Project|OWASP Learn About Encoding Project]] | ||
| − | : this project has as its ultimate goal of demystifying the problems related to the study of character encoding (charset encoding). | + | : this project has as its ultimate goal of demystifying the problems related to the study of character encoding (charset encoding). (Assessment Criteria v1.0) |
; [[:Category:OWASP NetBouncer Project|OWASP NetBouncer Project]] | ; [[:Category:OWASP NetBouncer Project|OWASP NetBouncer Project]] | ||
| − | : is secure by default centralised input/output validation library which combines security rules and business rules as well as escaping in the output level. | + | : is secure by default centralised input/output validation library which combines security rules and business rules as well as escaping in the output level. (Assessment Criteria v1.0) |
; [[:Category:OWASP OpenPGP Extensions for HTTP - Enigform and mod openpgp|OWASP OpenPGP Extensions for HTTP - Enigform and mod openpgp]] | ; [[:Category:OWASP OpenPGP Extensions for HTTP - Enigform and mod openpgp|OWASP OpenPGP Extensions for HTTP - Enigform and mod openpgp]] | ||
| − | : focus on mod_openpgp and Secure Session Management, presenting a working web-site using this new authentication methodology in such a way that it will attract security professionals and web-developers to this new mix of two good'ol protocols: HTTP and OpenPGP. | + | : focus on mod_openpgp and Secure Session Management, presenting a working web-site using this new authentication methodology in such a way that it will attract security professionals and web-developers to this new mix of two good'ol protocols: HTTP and OpenPGP. (Assessment Criteria v1.0) |
; [[:Category:OWASP Open Review Project|OWASP Open Review Project (ORPRO)]] | ; [[:Category:OWASP Open Review Project|OWASP Open Review Project (ORPRO)]] | ||
| − | : a project to openly check open source libraries and software that are vital to most commercial and non-commercial apps around. | + | : a project to openly check open source libraries and software that are vital to most commercial and non-commercial apps around. (Assessment Criteria v1.0) |
; [[:Category:OWASP PHP AntiXSS Library Project|OWASP PHP AntiXSS Library Project]] | ; [[:Category:OWASP PHP AntiXSS Library Project|OWASP PHP AntiXSS Library Project]] | ||
| − | : reduce cross-site scripting vulnerabilities by encoding your output | + | : reduce cross-site scripting vulnerabilities by encoding your output (Assessment Criteria v1.0) |
; [[:Category:OWASP Python Static Analysis Project|OWASP Python Static Analysis Project]] | ; [[:Category:OWASP Python Static Analysis Project|OWASP Python Static Analysis Project]] | ||
| − | : the aim of this project is to provide full language support,other Python frameworks support, analysis improvement, reporting capability, documentation, promotion materials: publication-ready article and presentation | + | : the aim of this project is to provide full language support,other Python frameworks support, analysis improvement, reporting capability, documentation, promotion materials: publication-ready article and presentation (Assessment Criteria v1.0) |
; [[:Category:OWASP Proxy|OWASP Proxy Project]] | ; [[:Category:OWASP Proxy|OWASP Proxy Project]] | ||
| − | : aims to provide a high quality intercepting proxy library which can be used by developers who require this functionality in their own programs, rather than having to develop it all from scratch. | + | : aims to provide a high quality intercepting proxy library which can be used by developers who require this functionality in their own programs, rather than having to develop it all from scratch. (Assessment Criteria v1.0) |
; [[:Category:OWASP Sprajax Project|OWASP Sprajax Project]] | ; [[:Category:OWASP Sprajax Project|OWASP Sprajax Project]] | ||
| − | : an open source black box security scanner used to assess the security of AJAX-enabled applications | + | : an open source black box security scanner used to assess the security of AJAX-enabled applications (Assessment Criteria v1.0) |
; [[:Category:OWASP Stinger Project|OWASP Stinger Project]] | ; [[:Category:OWASP Stinger Project|OWASP Stinger Project]] | ||
| − | : a project focus on the development of a centralized input validation mechanism which can be easily applied to existing or developmental applications | + | : a project focus on the development of a centralized input validation mechanism which can be easily applied to existing or developmental applications (Assessment Criteria v1.0) |
; [[:Category:OWASP Vicnum Project|OWASP Vicnum Project]] | ; [[:Category:OWASP Vicnum Project|OWASP Vicnum Project]] | ||
| − | : a lightweight vulnerable web application based on a game played to kill time which demonstrates common web application vulnerabilities such as cross site scripting | + | : a lightweight vulnerable web application based on a game played to kill time which demonstrates common web application vulnerabilities such as cross site scripting (Assessment Criteria v1.0) |
; [[:Category:OWASP Wapiti Project|OWASP Wapiti Project]] | ; [[:Category:OWASP Wapiti Project|OWASP Wapiti Project]] | ||
| − | : the project allows to audit the security by performing "black-box" scans acting like a fuzzer, injecting payloads to see if an application is vulnerable | + | : the project allows to audit the security by performing "black-box" scans acting like a fuzzer, injecting payloads to see if an application is vulnerable (Assessment Criteria v1.0) |
; [[:Category:OWASP Web Application Security Metric using Attack Patterns Project|OWASP Web Application Security Metric using Attack Patterns Project]] | ; [[:Category:OWASP Web Application Security Metric using Attack Patterns Project|OWASP Web Application Security Metric using Attack Patterns Project]] | ||
| − | : the project provides attack pattern database along with prototype model | + | : the project provides attack pattern database along with prototype model (Assessment Criteria v1.0) |
; [[:Category:OWASP_Web_2.0_Project|OWASP Web 2.0 Project]] | ; [[:Category:OWASP_Web_2.0_Project|OWASP Web 2.0 Project]] | ||
| − | : a place for advanced research of security in the Web 2.0 world | + | : a place for advanced research of security in the Web 2.0 world (Assessment Criteria v1.0) |
; [[:Category:OWASP WeBekci Project|OWASP WeBekci Project]] | ; [[:Category:OWASP WeBekci Project|OWASP WeBekci Project]] | ||
| − | : this is web based ModSecurity 2.x management tool. WeBekci is written in PHP, Its backend is powered by MySQL and the frontend by XAJAX framework. | + | : this is web based ModSecurity 2.x management tool. WeBekci is written in PHP, Its backend is powered by MySQL and the frontend by XAJAX framework. (Assessment Criteria v1.0) |
; [[:Category:OWASP Webslayer Project|OWASP Webslayer Project]] | ; [[:Category:OWASP Webslayer Project|OWASP Webslayer Project]] | ||
| − | : a tool designed for bruteforcing Web Applications, it can be used for finding resources not linked | + | : a tool designed for bruteforcing Web Applications, it can be used for finding resources not linked (Assessment Criteria v1.0) |
; [[:Category:OWASP Yasca Project|OWASP Yasca Project]] | ; [[:Category:OWASP Yasca Project|OWASP Yasca Project]] | ||
| − | : Yasca is a new static analysis tool designed to scan Java, C/C++, JavaScript, .NET, and other source code for security and code-quality issues. Yasca is easily extensible via a plugin-based architecture, so scanning PHP, Ruby, or other languages is as simple as coming up with rules or integrating external tools. | + | : Yasca is a new static analysis tool designed to scan Java, C/C++, JavaScript, .NET, and other source code for security and code-quality issues. Yasca is easily extensible via a plugin-based architecture, so scanning PHP, Ruby, or other languages is as simple as coming up with rules or integrating external tools. (Assessment Criteria v1.0) |
</td><td> | </td><td> | ||
; [[:Category:OWASP ASDR Project | OWASP ASDR Project]] | ; [[:Category:OWASP ASDR Project | OWASP ASDR Project]] | ||
| − | : is a reference volume that contains basic information about all the foundational topics in application security | + | : is a reference volume that contains basic information about all the foundational topics in application security (Assessment Criteria v1.0) |
; [[:Category:OWASP AIR Security Project|OWASP AIR Security Project]] | ; [[:Category:OWASP AIR Security Project|OWASP AIR Security Project]] | ||
| − | : investigating the security of AIR applications | + | : investigating the security of AIR applications (Assessment Criteria v1.0) |
; [[:Category:OWASP AJAX Security Project|OWASP AJAX Security Guide]] | ; [[:Category:OWASP AJAX Security Project|OWASP AJAX Security Guide]] | ||
| − | : investigating the security of AJAX enabled applications | + | : investigating the security of AJAX enabled applications (Assessment Criteria v1.0) |
; [[:Category:OWASP Anti-Malware Project|OWASP Anti-Malware Project]] | ; [[:Category:OWASP Anti-Malware Project|OWASP Anti-Malware Project]] | ||
| − | : describing common flaws in security designs | + | : describing common flaws in security designs (Assessment Criteria v1.0) |
; [[:Category:OWASP Application Security Assessment Standards Project|OWASP Application Security Assessment Standards Project]] | ; [[:Category:OWASP Application Security Assessment Standards Project|OWASP Application Security Assessment Standards Project]] | ||
| − | : establish a set of standards defining baseline approaches to conducting differing types/levels of application security assessment | + | : establish a set of standards defining baseline approaches to conducting differing types/levels of application security assessment (Assessment Criteria v1.0) |
| − | ; [[:Category:OWASP Application Security Requirements Project|OWASP Application Security Requirements]] | + | ; [[:Category:OWASP Application Security Requirements Project|OWASP Application Security Requirements]] (Assessment Criteria v1.0) |
; [[:Category:OWASP Application Security Metrics Project|OWASP Application Security Metrics Project]] | ; [[:Category:OWASP Application Security Metrics Project|OWASP Application Security Metrics Project]] | ||
| − | : identify and provide a set of application security metrics that have been found by contributors to be effective in measuring application security | + | : identify and provide a set of application security metrics that have been found by contributors to be effective in measuring application security (Assessment Criteria v1.0) |
; [[:Category:OWASP Best Practices: Use of Web Application Firewalls|OWASP Best Practices: Use of Web Application Firewalls]] | ; [[:Category:OWASP Best Practices: Use of Web Application Firewalls|OWASP Best Practices: Use of Web Application Firewalls]] | ||
| − | : the document is aimed primarily at technical decision-makers, especially those responsible for operations and security | + | : the document is aimed primarily at technical decision-makers, especially those responsible for operations and security (Assessment Criteria v1.0) |
; [[:Category:OWASP Book Cover & Sleeve Design|OWASP Book Cover & Sleeve Design]] | ; [[:Category:OWASP Book Cover & Sleeve Design|OWASP Book Cover & Sleeve Design]] | ||
| − | : this is a project of corporate design to develop a scalable book cover series strategy and a Book Sleeve. | + | : this is a project of corporate design to develop a scalable book cover series strategy and a Book Sleeve. (Assessment Criteria v1.0) |
; [[:Category:OWASP Career Development Project|OWASP Career Development Project]] | ; [[:Category:OWASP Career Development Project|OWASP Career Development Project]] | ||
| − | : The OWASP Career Development project is focused on helping application security professionals understand the job market, roles, career paths, and skills to work in the field. | + | : The OWASP Career Development project is focused on helping application security professionals understand the job market, roles, career paths, and skills to work in the field. (Assessment Criteria v1.0) |
| − | ; [[:Category:OWASP Certification Criteria Project|OWASP Certification Criteria Project]] | + | ; [[:Category:OWASP Certification Criteria Project|OWASP Certification Criteria Project]] (Assessment Criteria v1.0) |
; [[:Category:OWASP Certification Project|OWASP Certification Project]] | ; [[:Category:OWASP Certification Project|OWASP Certification Project]] | ||
| − | : our challenge is to create a plan for certification: a set of OWASP Certification for Developers and Testers. | + | : our challenge is to create a plan for certification: a set of OWASP Certification for Developers and Testers. (Assessment Criteria v1.0) |
; [[Classic_ASP_Security_Project |OWASP Classic ASP Security Project]] | ; [[Classic_ASP_Security_Project |OWASP Classic ASP Security Project]] | ||
| − | : it aims in creating a secure framework for Classic ASP application by complementing existing OWASP projects with documentation for this particular technology and the creation of security libraries. | + | : it aims in creating a secure framework for Classic ASP application by complementing existing OWASP projects with documentation for this particular technology and the creation of security libraries. (Assessment Criteria v1.0) |
| − | ; [[:Category:OWASP Communications Project|OWASP Communications Project]] | + | ; [[:Category:OWASP Communications Project|OWASP Communications Project]] (Assessment Criteria v1.0) |
; [[:Category:OWASP Flash Security Project|OWASP Flash Security Project]] | ; [[:Category:OWASP Flash Security Project|OWASP Flash Security Project]] | ||
| − | : investigating the security of Flash applications | + | : investigating the security of Flash applications (Assessment Criteria v1.0) |
; [[:Category:OWASP Honeycomb Project|OWASP Honeycomb Project]] | ; [[:Category:OWASP Honeycomb Project|OWASP Honeycomb Project]] | ||
| − | : a comprehensive and integrated guide to the fundamental building blocks of application security | + | : a comprehensive and integrated guide to the fundamental building blocks of application security (Assessment Criteria v1.0) |
; [[:Category:OWASP Individual and Corporate Member Packs plus Conference Attendee Packs Brief|OWASP Member Packs/Conference Attendee Packs]] | ; [[:Category:OWASP Individual and Corporate Member Packs plus Conference Attendee Packs Brief|OWASP Member Packs/Conference Attendee Packs]] | ||
| − | : this is a project of corporate design to develop an Individual/Member Pack. | + | : this is a project of corporate design to develop an Individual/Member Pack. (Assessment Criteria v1.0) |
; [[:Category:OWASP Java Project|OWASP Java Project]] | ; [[:Category:OWASP Java Project|OWASP Java Project]] | ||
| − | : a project focused on helping Java and J2EE developers build secure applications | + | : a project focused on helping Java and J2EE developers build secure applications (Assessment Criteria v1.0) |
; [[:Category:OWASP Logging Project|OWASP Logging Guide]] | ; [[:Category:OWASP Logging Project|OWASP Logging Guide]] | ||
| − | : a project to define best practices for logging and log management | + | : a project to define best practices for logging and log management (Assessment Criteria v1.0) |
; [[:Category:OWASP ModSecurity Core Rule Set Project|OWASP ModSecurity Core Rule Set Project]] | ; [[:Category:OWASP ModSecurity Core Rule Set Project|OWASP ModSecurity Core Rule Set Project]] | ||
| − | : a project to document and develop the ModSecurity Core Rule Set | + | : a project to document and develop the ModSecurity Core Rule Set (Assessment Criteria v1.0) |
; [[:Category:OWASP PHP Project|OWASP PHP Project]] | ; [[:Category:OWASP PHP Project|OWASP PHP Project]] | ||
| − | : a project focused on helping PHP developers build secure applications | + | : a project focused on helping PHP developers build secure applications (Assessment Criteria v1.0) |
; [[:Category:OWASP Positive Security Project | OWASP Positive Security Project]] | ; [[:Category:OWASP Positive Security Project | OWASP Positive Security Project]] | ||
| − | : a project to learn how companies are working to create a positive security approach on their own resources and use this knowledge to create a set of control, marketing and awareness tools that will be available to promote and construct a positive approach to security worldwide. | + | : a project to learn how companies are working to create a positive security approach on their own resources and use this knowledge to create a set of control, marketing and awareness tools that will be available to promote and construct a positive approach to security worldwide. (Assessment Criteria v1.0) |
; [[:Category:OWASP SASAP Project|OWASP Scholastic Application Security Assessment Project]] | ; [[:Category:OWASP SASAP Project|OWASP Scholastic Application Security Assessment Project]] | ||
| − | : a project that is intended to be the first step towards integrating security requirements in academic course curriculum | + | : a project that is intended to be the first step towards integrating security requirements in academic course curriculum (Assessment Criteria v1.0) |
; [[:Category:OWASP_Security_Spending_Benchmarks|OWASP Security Spending Benchmarks]] | ; [[:Category:OWASP_Security_Spending_Benchmarks|OWASP Security Spending Benchmarks]] | ||
| − | : provides insight to reduce operational appsec costs | + | : provides insight to reduce operational appsec costs (Assessment Criteria v1.0) |
; [[:Category:OWASP Source Code Flaws Top 10 Project|OWASP Source Code Flaws Top 10 Project]] | ; [[:Category:OWASP Source Code Flaws Top 10 Project|OWASP Source Code Flaws Top 10 Project]] | ||
| − | : a project that is a sort of Top 10 of flaw categories that can be used to match vulnerabilities found during a code review | + | : a project that is a sort of Top 10 of flaw categories that can be used to match vulnerabilities found during a code review (Assessment Criteria v1.0) |
; [[:Category:OWASP Validation Project|OWASP Validation Project]] | ; [[:Category:OWASP Validation Project|OWASP Validation Project]] | ||
| − | : a project that provides guidance and tools related to validation | + | : a project that provides guidance and tools related to validation (Assessment Criteria v1.0) |
; [[:Category:OWASP WASS Project|OWASP WASS Guide]] | ; [[:Category:OWASP WASS Project|OWASP WASS Guide]] | ||
| − | : a standards project to develop more concrete criteria for secure applications | + | : a standards project to develop more concrete criteria for secure applications (Assessment Criteria v1.0) |
; [[:Category:OWASP Web Application Scanner Specification Project|OWASP Web Application Scanner Specification Project]] | ; [[:Category:OWASP Web Application Scanner Specification Project|OWASP Web Application Scanner Specification Project]] | ||
| − | : there will always be a "gap" between the types of attacks that can be performed and those which can be found by an automated scanner. This project will attempt to outline some of those shortcomings and offer a plan for comparing and/or building web application vulnerability scanners. | + | : there will always be a "gap" between the types of attacks that can be performed and those which can be found by an automated scanner. This project will attempt to outline some of those shortcomings and offer a plan for comparing and/or building web application vulnerability scanners. (Assessment Criteria v1.0) |
; [[:Category:OWASP Web Application Security Put Into Practice|OWASP Web Application Security Put Into Practice]] | ; [[:Category:OWASP Web Application Security Put Into Practice|OWASP Web Application Security Put Into Practice]] | ||
| − | : real-world web application security for Ruby on Rails, Apache and MySQL | + | : real-world web application security for Ruby on Rails, Apache and MySQL (Assessment Criteria v1.0) |
; [[:Category:OWASP XML Security Gateway Evaluation Criteria Project|OWASP XML Security Gateway Evaluation Criteria]] | ; [[:Category:OWASP XML Security Gateway Evaluation Criteria Project|OWASP XML Security Gateway Evaluation Criteria]] | ||
| − | : a project to define evaluation criteria for XML Security Gateways | + | : a project to define evaluation criteria for XML Security Gateways (Assessment Criteria v1.0) |
; [[:Category:OWASP on the Move Project|OWASP on The Move Project]] | ; [[:Category:OWASP on the Move Project|OWASP on The Move Project]] | ||
| − | : a project offering OWASP sponsorship for OWASP (related) speakers on web application security events or chapter meetings. | + | : a project offering OWASP sponsorship for OWASP (related) speakers on web application security events or chapter meetings. (Assessment Criteria v1.0) |
; [[:Category:OWASP Speakers Project|OWASP Speakers Project]] | ; [[:Category:OWASP Speakers Project|OWASP Speakers Project]] | ||
| − | : a project to match offer and demand regarding OWASP (related) presentations by speakers on web application security events or chapter meetings. | + | : a project to match offer and demand regarding OWASP (related) presentations by speakers on web application security events or chapter meetings. (Assessment Criteria v1.0) |
; [[:Category:OWASP Fuzzing Code Database|OWASP Fuzzing Code Database]] | ; [[:Category:OWASP Fuzzing Code Database|OWASP Fuzzing Code Database]] | ||
| − | : a project to collect, share and compose statements used as code injections like SQL, SSI, XSS, Formatstring and as well directory traversal statements. | + | : a project to collect, share and compose statements used as code injections like SQL, SSI, XSS, Formatstring and as well directory traversal statements. (Assessment Criteria v1.0) |
</td></tr></table> | </td></tr></table> | ||
Revision as of 22:12, 8 March 2009
An OWASP project is a collection of related tasks that have a defined roadmap and team members. OWASP project leaders are responsible for defining the vision, roadmap, and tasks for the project. The project leader also promotes the project and builds the team.
If you would like to start a new project please review the How to Start an OWASP Project guide. Please contact the Global Project Committee members to discuss project ideas and how they might fit into OWASP. All OWASP projects must be free and open and have their homepage on the OWASP portal. You can read all the guidelines in the Project Assessment Criteria.
Every project has an associated mail list. You can view all the lists, examine their archives, and subscribe to any of them on the OWASP Project Mailing Lists page.
Release Quality Projects
Release quality projects are generally the level of quality of professional tools or documents. Tools and documents are organized into the following categories:
- PROTECT - These are tools and documents that can be used to guard against security-related design and implementation flaws.
- DETECT - These are tools and documents that can be used to find security-related design and implementation flaws.
- LIFE CYCLE - These are tools and documents that can be used to add security-related activities into the Software Development Life Cycle (SDLC).
Projects are listed below.
| Tools | Documentation |
|---|---|
|
|
|
Beta Status Projects
Beta quality projects are complete and ready to use with documentation. Tools and documents are organized into the following categories:
- PROTECT - These are tools and documents that can be used to guard against security-related design and implementation flaws.
- DETECT - These are tools and documents that can be used to find security-related design and implementation flaws.
- LIFE CYCLE - These are tools and documents that can be used to add security-related activities into the Software Development Life Cycle (SDLC).
Projects are listed below.
| Tools | Documentation |
|---|---|
|
|
|
Alpha Status Projects
Alpha quality projects are generally usable but may lack documentation or quality review. Tools and documents are organized into the following categories:
- PROTECT - These are tools and documents that can be used to guard against security-related design and implementation flaws.
- DETECT - These are tools and documents that can be used to find security-related design and implementation flaws.
- LIFE CYCLE - These are tools and documents that can be used to add security-related activities into the Software Development Life Cycle (SDLC).
Projects are listed below.
| Tools | Documentation |
|---|---|
|
|
Inactive Projects
The criteria is still being developed. Tools and documents are organized into the following categories:
- PROTECT - These are tools and documents that can be used to guard against security-related design and implementation flaws.
- DETECT - These are tools and documents that can be used to find security-related design and implementation flaws.
- LIFE CYCLE - These are tools and documents that can be used to add security-related activities into the Software Development Life Cycle (SDLC).
Projects are listed below.
| Tools | Documentation |
|---|---|
|
|
How to add a new OWASP Project article
You can follow the instructions to make a new OWASP Project article. Please use the appropriate structure and follow the Tutorial. Be sure to paste the following at the end of your article to make it show up in the OWASP Project category:
[[Category:OWASP Project]]
Subcategories
This category has the following 132 subcategories, out of 132 total.
A
B
C
D
E
F
G
H
I
J
L
M
N
O
P
R
S
T
V
W
X
Y
Pages in category "OWASP Project"
The following 200 pages are in this category, out of 419 total.
(previous page) (next page)A
B
C
- Classic ASP Security Project
- GPC Project Details/OWASP Cloud ‐ 10 Project
- GPC Project Details/OWASP Code Crawler
- Code review
- OWASP Codes of Conduct
- Collaborate
- OWASP Common Numbering Project
- GPC Project Details/OWASP CBT Project
- Cornucopia - Ecommerce Website Edition - Wiki Deck
- OWASP Corporate Application Security Rating Guide
- OWASP Cross-Site Request Forgery Research Pool
- OWASP CSRFGuard Project/es
- CSRFProtector Project
E
G
H
J
M
O
- O-Saft
- O-Saft/Documentation
- OWASP O2 Platform Project - Project Identification
- Octoms
- Opa
- Projects/Opa
- OWASP OVAL Content Project
- OWASP - Cyber Security in the Boardroom
- OWASP 1-Liner
- OWASP A&D Project
- OWASP Academy Portal Project
- OWASP AJAX Crawling Tool
- OWASP Amass Project
- OWASP Androick Project
- OWASP Anti-Ransomware Guide Project
- OWASP API Security Project
- OWASP APK DISSECTOR
- OWASP Application Fuzzing Framework Project
- OWASP Application Security Curriculum
- OWASP Application Security Guide For CISOs Project
- OWASP Application Security Guide For CISOs Project v2
- OWASP Application Security Program Quick Start Guide Project
- OWASP AppSec Designer Security Functional Requirements & Countermeasures Libraries
- OWASP AppSec Pipeline
- OWASP Appsec Tutorial Series
- OWASP AppSensor Handbook
- OWASP AppSensor Project
- OWASP ASP.NET MVC Boilerplate Project
- OWASP Assimilation Project
- OWASP ASVS Assessment tool
- OWASP Attack Surface Detector Project
- OWASP Auth
- OWASP Automated Threats to Web Applications
- OWASP Autosploit Project
- OWASP Barbarus
- OWASP Basic Expression & Lexicon Variation Algorithms (BELVA) Project
- OWASP Best Practices in Vulnerability Disclosure and Bug Bounty Programs
- OWASP Broken Web Applications Project
- OWASP Browser Security Project
- OWASP Bug Logging Tool
- OWASP Bywaf Project
- OWASP Cheat Sheet Series
- OWASP Chinese Project
- OWASP CISO Survey Project
- OWASP Click Me Project
- OWASP Cloud Security Mentor
- OWASP Cloud Security Project
- OWASP Cloud Testing Guide
- OWASP Cloud-Native Application Security Top 10
- OWASP Code Project Template
- OWASP Code Pulse Project
- OWASP Container Security Verification Standard (CSVS)
- OWASP Cornucopia
- OWASP Counter Project
- OWASP Crossword of the Month
- OWASP Crowdtesting
- OWASP Cyber Defense Matrix
- OWASP D4N155
- OWASP Damn Vulnerable Crypto Wallet
- OWASP Damn Vulnerable Web Sockets (DVWS)
- OWASP DeepViolet TLS/SSL Scanner
- OWASP DefectDojo Project
- OWASP Dependency Check
- OWASP Dependency Track Project
- OWASP Desktop Goat and Top 5 Project
- OWASP DevSecOps Maturity Model
- OWASP DevSlop Project
- OWASP Documentation Project Template
- OWASP Droid Fusion
- OWASP Droid10 Project
- OWASP DVSA
- OWASP Ecuador
- OWASP EJSF Project
- OWASP Embedded Application Security
- OWASP Encoder Comparison Reference Project
- OWASP Example Incubator
- OWASP Excess XSS Project
- OWASP Faux Bank Project
- OWASP File Hash Repository
- OWASP Financial Information Exchange Security Project
- OWASP Find Security Bugs
- OWASP Focus
- OWASP Framework Security Project
- OWASP Game Security Framework Project
- OWASP Global Chapter Meetings Project
- OWASP Glue Tool Project
- OWASP Go Secure Coding Practices Guide
- OWASP Good Component Practices Project
- OWASP Google Assistant
- OWASP Guide Project
- OWASP H2H Tool Project
- OWASP HA Vulnerability Scanner Project
- OWASP Hackademic Challenges Project
- OWASP Hacking Lab
- OWASP Hacking-the Pentest Tutor Game
- OWASP Hive Project
- OWASP Honeypot Project
- OWASP ICS / SCADA Security Project
- OWASP iGoat Tool Project
- OWASP iMAS iOS Mobile Application Security Project
- OWASP Incident Response Project
- OWASP Information Security Metrics Bank
- OWASP Insecure Web Components Project
- OWASP Intelligent Intrusion Detection System
- OWASP Internet of Things Project
- OWASP IOT Analytics 4Industry4
- OWASP iSABEL Proxy Server
- OWASP ISO IEC 27034 Application Security Controls Project
- OWASP ISO Project
- OWASP Java Encoder Project
- OWASP Java File I O Security Project
- OWASP Java J2EE Secure Development Curriculum
- OWASP Java Uncertain Form Submit Prevention
- OWASP JavaScript Sandboxes
- OWASP JAWS Project
- OWASP JOTP Project
- OWASP JSEC CVE Details
- OWASP JSON Sanitizer
- OWASP Jupiter
- OWASP KALP Mobile Project
- OWASP Kates Project
- OWASP Knowledge Based Authentication Performance Metrics Project
- OWASP Knowledge Graph
- OWASP LAPSE Project
- OWASP Learning Platform Project
- OWASP Lock It
- OWASP Logging
- OWASP LWAF
