This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit


Revision as of 22:14, 30 May 2011 by Esheridan (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search


Welcome to the home of the Synapse project! Synapse is a code analysis tool inspired by other static analysis tools such as OWASP LAPSE, OWASP Orizon, and FlawFinder. The project "compiles" source code into an intermediate format called Common Abstract Syntax Tree (CAST) which is then analyzed for security problems.


It is developed almost entirely using C# (.NET 3.5 or greater) with minimal Java for the aforementioned "compilation" support. The project is currently in development form with hopes of achieving release status in the near future. A more formal project roadmap is under construction.

Project Lead

Eric Sheridan (eric dot sheridan at owasp dot org) is the owner, chief architect, and lead developer of the Synapse project. Aside from leading up Synapse, Eric has contributed to or provided guidance on numerous other OWASP projects including the Cross-Site Request Forgery Prevention Cheat Sheet, WebGoat, Stinger, CSRFTester, and Enterprise Security API (ESAPI).


Synapse is offered under the GPLv3 license. For further information on OWASP licenses, please consult the OWASP Licenses page.

Source Code

The source code is currently hosted on Sourceforge in a single zip archive. Synapse will leverage the SVN capabilities of Sourceforge once the project layout and structure becomes more stable. The following links can be used to access the source code.

Synapse 0.1 (ALPHA)


Project Sponsors

Looking for Sponsors...

This category currently contains no pages or media.