Main Page

Participation

We invite you to join us. If your organization is using OWASP materials, please support our efforts by becoming a member. There is no obligation to become a member to use our materials or participate in the application security community. Yet we rely on your organizations' memberships to make OWASP happen. Don't miss your chance to support what we're trying to accomplish. As a 501c3 not-for-profit, all membership dues go to supporting OWASP activities.

What You'll Find Here

Whether you're just Getting Started in application security or you're an expert, there's information here for you. Find out about Application Vulnerability Areas, Countermeasures, Threat Modeling, Secure Development Lifecycle, and how to build secure applications on platforms like J2EE, .NET,, and more.

There are also lots of materials available for download. There are Tools, Technical Papers, Presentations, Videos, Templates, Checklists, and more. All OWASP materials are free and licensed under an approved open source license. Some of our most popular downloads include:

• The Guide to Building Secure Web Applications and Web Services book
• The WebScarab web application and web service penetration testing tool
• The WebGoat web application security training environment
• The Top Ten Most Critical Web Application Security Vulnerabilities awareness paper
• more...

OWASP Projects

OWASP has a variety of Projects underway to advance the state of the art in different areas of application security. Anyone can join our projects and help out. All you have to do is choose a project and request a task. A few of the projects that need help right now:

• The AJAX Security Project is looking for writers and developers
• The WebGoat Project needs a lesson on AJAX security
• The Guide Project needs reviewers for version 2.2

OWASP Community

• Mailing Lists
• Local Chapters
• OWASP AppSec Conferences