This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP Project Inventory"

From OWASP
Jump to: navigation, search
(Archived Projects)
(Added redirect)
 
(167 intermediate revisions by 11 users not shown)
Line 1: Line 1:
 +
#REDIRECT[[OWASP_Project]]
 +
 
__NOTOC__  
 
__NOTOC__  
 
{|
 
{|
Line 10: Line 12:
 
|}
 
|}
  
 +
= Quick Guides to OWASP Projects =
 +
 +
[[File:Owasp Dev Guide-2.png | 800px | left ]]
  
 
= Incubator Projects  =
 
= Incubator Projects  =
Line 19: Line 24:
 
| style="width: 95%; color: rgb(0, 0, 0);" |  
 
| style="width: 95%; color: rgb(0, 0, 0);" |  
 
<font size=2pt>
 
<font size=2pt>
==Incubator Projects==
+
[[File:Incubator_banner.jpg]]
  
 
OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway.  The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity. The label also allows project leaders to leverage the OWASP name while their project is still maturing.
 
OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway.  The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity. The label also allows project leaders to leverage the OWASP name while their project is still maturing.
  
 +
===Thumbs up===
 +
Thumbs up are given to incubator projects showing a steady progress in their development, had continuous releases and commits or have delivered a complete product, including open source repository location, basic user guidelines and documentation
 +
 +
 +
====Code [Reviewed March 2015]====
 +
* [[OWASP_Java_Encoder_Project|OWASP Java Encoder Project]] [[File:Thumbsup.png|15px]]
 +
* [[OWASP_Java_File_I_O_Security_Project|OWASP Java File I/O Security Project]]
 +
* [[OWASP_PHP_Security_Project|OWASP PHP Security Project]]
 +
* [[OWASP_Node_js_Goat_Project|OWASP Node.js Goat Project]] [[File:Thumbsup.png|15px]]
 +
* [[OWASP_File_Format_Validation_Project|OWASP File Format Validation Project]]
 +
* [[OWASP_Security_Logging_Project|OWASP Security Logging Project]]
 +
 +
=====Code: Low Activity=====
 +
 +
* [[OWASP_PHPRBAC_Project|OWASP PHPRBAC Project]]
 +
 +
====Research====
 +
* [[OWASP_WASC_Distributed_Web_Honeypots_Project|OWASP WASC Distributed Web Honeypots Project]]
 +
* [[OWASP_Security_Research_and_Development_Framework|OWASP Security Research and Development Framework]]
  
'''Code'''
+
====Tools [Reviewed last: May 2015]====
* [https://www.owasp.org/index.php/Opa OWASP OPA]
+
* [[OWASP_Wordpress_Vulnerability_Scanner_Project | OWASP Wordpress Vulnerability Scanner]]
* [https://www.owasp.org/index.php/OWASP_Java_Encoder_Project OWASP Java Encoder Project]
+
* [[OWASP_Threat_Dragon | OWASP Threat Dragon]]
* [https://www.owasp.org/index.php/OWASP_Passfault OWASP Passfault]
+
* [[OWASP_Security_Knowledge_Framework#tab=Main | Security Knowledge Framework]]
* [https://www.owasp.org/index.php/OWASP_JSON_Sanitizer OWASP JSON Sanitizer]
+
* [[OWASP_Faux_Bank_Project|OWASP Faux Bank Project]]
* [https://www.owasp.org/index.php/OWASP_Security_Research_and_Development_Framework OWASP Security Research and Development Framework]
+
* [[OWASP_Droid10_Project|OWASP Droid]]
* [https://www.owasp.org/index.php/OWASP_Focus OWASP Focus]
+
* [https://www.owasp.org/index.php/Category:OWASP_Wapiti_Project OWASP Wapiti Project]
* [https://www.owasp.org/index.php/OWASP_PHPRBAC_Project OWASP PHPRBAC Project]
+
*[[Benchmark|OWASP WebGoat Benchmark]]
* [https://www.owasp.org/index.php/OWASP_EJSF_Project OWASP EJSF Project]
+
*[[OWASP_WAP-Web_Application_Protection|WAP Web Application_Protection]]
* [https://www.owasp.org/index.php/OWASP_Barbarus OWASP Barbarus]
+
*[[OWASP_Java_HTML_Sanitizer|OWASP Java HTML Sanitizer Project]] [[File:Thumbsup.png|15px]]
* [https://www.owasp.org/index.php/OWASP_iMAS_iOS_Mobile_Application_Security_Project OWASP iMAS - iOS Mobile Application Security Project]
+
*[[OWASP_Mantra_OS|OWASP Mantra OS]]
* [https://www.owasp.org/index.php/OWASP_RBAC_Project OWASP RBAC Project]
+
*[[OWASP_iGoat_Project|OWASP iGoat Project]]
* [https://www.owasp.org/index.php/OWASP_PHP_Security_Project OWASP PHP Security Project]
+
*[[OWASP_Bricks|OWASP Bricks]]
* [https://www.owasp.org/index.php/OWASP_Simple_Host_Base_Incidence_Detection_System_Project OWASP Simple Host Base Incidence Detection System Project]
+
*[[OWASP_Bywaf_Project|OWASP Bywaf Project]]
* [https://www.owasp.org/index.php/OWASP_File_Format_Validation_Project OWASP File Format Validation Project]
+
*[[OWASP_Mutillidae_2_Project|OWASP Mutillidae 2 Project]]  
* [https://www.owasp.org/index.php/OWASP_JAWS_Project OWASP JAWS Project]
+
*[[OWASP_SeraphimDroid_Project|OWASP SeraphimDroid Project]]
* [https://www.owasp.org/index.php/OWASP_Node_js_Goat_Project OWASP Node.js Goat Project]
+
*[[OWASP_WebSpa_Project|OWASP WebSpa Project]]
* [https://www.owasp.org/index.php/OWASP_System_Vulnerable_Code_Project OWASP System Vulnerable Code Project]
+
*[[OWASP_NINJA_PingU_Project|OWASP NINJA PingU Project]]
* [https://www.owasp.org/index.php/OWASP_ISO_IEC_27034_Application_Security_Controls_Project OWASP ISO/IEC 27034 Application Security Controls Project]
+
*[[OWASP_Encoder_Comparison_Reference_Project|OWASP Encoder Comparison Reference Project]]
* [https://www.owasp.org/index.php/OWASP_Ultimatum_Project OWASP Ultimatum Project]
+
*[[:Category:OWASP_SQLiX_Project|OWASP sqliX Project]]
* [https://www.owasp.org/index.php/OWASP_Java_File_I_O_Security_Project OWASP Java File I/O Security Project]
+
*[[OWASP_Secure_TDD_Project|OWASP Secure TDD Project]]
* [https://www.owasp.org/index.php/OWASP_Secure_Headers_Project OWASP Secure Headers Project]
+
*[[OWASP_XSecurity_Project|OWASP XSecurity Project]]
 +
*[[OWASP_Pyttacker_Project|OWASP Pyttacker Project]]
 +
*[[OWASP_HTTP_Post_Tool|OWASP HTTP POST Tool]]
 +
*[[Projects/OWASP_iOSForensic|OWASP iOSForensic]]
 +
*[[OWASP Rainbow Maker Project | OWASP Rainbow Maker Project]]  
 +
*[[OWASP JSEC CVE Details | OWASP JSEC CVE Details]]  
 +
* [[:Category:OWASP_WebGoat.NET|OWASP WebGoat.NET]]
 +
* [[OWASP_ASIDE_Project|OWASP ASIDE Project]]
  
'''Tools'''
+
====Documentation[Review: May 2015]====
 +
*[[OWASP_Snakes_and_Ladders|OWASP Snakes and Ladders Project]]
 +
*[[OWASP Automated Threats to Web Applications]]
 +
*[[OWASP_Data_Exchange_Format_Project|OWASP Data Exchange Format Project]]
 +
*[[OWASP_Enterprise_Application_Security_Project|OWASP Enterprise Application Security Project]]
 +
*[[OWASP_Secure_Application_Design_Project|OWASP Secure Application Design Project]]
 +
*[[OWASP_Top_10_Fuer_Entwickler_Project|OWASP Top 10 Fuer Entwickler Project]]
 +
*[[OWASP_Vulnerable_Web_Applications_Directory_Project|OWASP Vulnerable Web Applications Directory Project]]
 +
*[[OWASP_Reverse_Engineering_and_Code_Modification_Prevention_Project|OWASP Reverse Engineering and Code Modification Prevention Project]]
 +
*[[:Category:OWASP_.NET_Project|OWASP .NET Project]]
 +
*[[OWASP_WASC_Web_Hacking_Incidents_Database_Project|OWASP WASC Web Hacking Incidents Database Project]]
 +
*[[OWASP_Security_Frameworks_Project|OWASP Security Frameworks Project]]
 +
*[[OWASP_Incident_Response_Project|OWASP Incident Response Project]]
 +
*[[OWASP_Periodic_Table_of_Vulnerabilities|OWASP Periodic Table of Vulnerabilities]]
 +
*[[OWASP_Top_Trumps_for_Projects|OWASP Top Trumps for Projects]]
 +
*[[OWASP KALP Mobile Project | OWASP KALP Mobile Project]]
 +
*[[OWASP Persian Translation Project | OWASP Persian Translation Project]]
 +
*[[OWASP_Application_Security_Program_Quick_Start_Guide_Project|OWASP_Application_Security_Program_Quick_Start_Guide_Project]]
 +
*[[OWASP_Secure_Configuration_Guide|OWASP_Secure_Configuration_Guide]]
 +
*[[OWASP_Knowledge_Based_Authentication_Performance_Metrics_Project|OWASP_Knowledge_Based_Authentication_Performance_Metrics_Project]]
 +
*[[OWASP_RFP-Criteria|OWASP Request For Proposal]]
 +
*[[OWASP_OWASP_Snakes_and_Ladders|OWASP Snakes and Ladders]] 1/22/16
  
* [https://www.owasp.org/index.php/OWASP_NAXSI_Project OWASP NAXSI Project]
+
==Educational Initiatives==
* [https://www.owasp.org/index.php/OWASP_Passw3rd_Project OWASP Passw3rd Project]
+
*[[OWASP_Visual_Crime_Scene_and_Security_Incident_Education_Project#tab=Main | OWASP Visual Crime Scene and Security Incident Project]]
* [https://www.owasp.org/index.php/Category:OWASP_WebGoat.NET OWASP WebGoat.NET]
+
*[[OWASP_Secure_Development_Training|OWASP Secure Development Training]]
* [https://www.owasp.org/index.php/OWASP_Path_Traverser OWASP Path Traverser]
+
*[[OWASP_Student_Chapters_Program|OWASP Student Chapters Project]]
* [https://www.owasp.org/index.php/OWASP_Watiqay OWASP Watiqay]
+
*[[:Category:OWASP_Education_Project|OWASP Education Project]]
* [https://www.owasp.org/index.php/Projects/OWASP_Security_Shepherd/Roadmap OWASP Security Shepherd]
+
*[[:Category:OWASP_Speakers_Project|OWASP Speakers Project]]
* [https://www.owasp.org/index.php/OWASP_Xenotix_XSS_Exploit_Framework OWASP Xenotix XSS Exploit Framework]
+
*[[OWASP_Global_Chapter_Meetings_Project|OWASP Global Chapter Meetings Project]]
* [https://www.owasp.org/index.php/OWASP_Mantra_OS OWASP Mantra OS]
+
*[[OWASP_Media_Project|OWASP Media Project]]
* [https://www.owasp.org/index.php/OWASP_XSSER OWASP XSSER]
+
*[[OWASP_Hacking_Lab|OWASP Hacking-Lab]]
* [https://www.owasp.org/index.php/OWASP_Academy_Portal_Project OWASP Academy Portal Project]
+
*[[OWASP_PHP_Security_Training_Project|OWASP PHP Security Training Project]]
* [https://www.owasp.org/index.php/OWASP_ASIDE_Project OWASP ASIDE Project]
+
*[[OWASP_Online_Academy#tab=Main | OWASP Online Academy]]
* [https://www.owasp.org/index.php/OWASP_iGoat_Project OWASP iGoat Project]
 
* [https://www.owasp.org/index.php/OWASP_SamuraiWTF_Project OWASP SamuraiWTF]
 
* [https://www.owasp.org/index.php/O-Saft O-Saft]
 
* [https://www.owasp.org/index.php/OWASP_OpenStack_Security_Project OWASP OpenStack Security Project]
 
* [https://www.owasp.org/index.php/OWASP_Bricks OWASP Bricks]
 
* [https://www.owasp.org/index.php/OWASP_Dependency_Check OWASP Dependency Check]
 
* [https://www.owasp.org/index.php/OWASP_Hive_Project OWASP Hive Project]
 
* [https://www.owasp.org/index.php/OWASP_Droid_Fusion OWASP Droid Fusion]
 
* [https://www.owasp.org/index.php/OWASP_iSABEL_Proxy_Server OWASP iSABEL Proxy Server]
 
* [https://www.owasp.org/index.php/OWASP_Rails_Goat_Project OWASP Rails Goat Project]
 
* [https://www.owasp.org/index.php/OWASP_Bywaf_Project OWASP Bywaf Project]
 
* [https://www.owasp.org/index.php/OWASP_S.T.I.N.G_Project OWASP S.T.I.N.G Project]
 
* [https://www.owasp.org/index.php/OWASP_VaultDB_Project OWASP VaultDB Project]
 
* [https://www.owasp.org/index.php/OWASP_WS_Amplification_DoS_Project OWASP WS-Amplification DoS Project]
 
* [https://www.owasp.org/index.php/OWASP_Mutillidae_2_Project OWASP Mutillidae 2 Project]
 
* [https://www.owasp.org/index.php/OWASP_Skanda_SSRF_Exploitation_Framework OWASP Skanda - SSRF Exploitation Framework]
 
* [https://www.owasp.org/index.php/OWASP_SeraphimDroid_Project OWASP SeraphimDroid Project]
 
* [https://www.owasp.org/index.php/OWASP_Unmaskme_Project OWASP Unmaskme Project]
 
* [https://www.owasp.org/index.php/OWASP_Androick_Project OWASP Androïck Project]
 
* [https://www.owasp.org/index.php/OWASP_SafeNuGet_Project OWASP SafeNuGet Project]
 
* [https://www.owasp.org/index.php/OWASP_WebSandBox_Project OWASP WebSandBox Project]
 
* [https://www.owasp.org/index.php/OWASP_HA_Vulnerability_Scanner_Project OWASP HA Vulnerability Scanner Project]
 
* [https://www.owasp.org/index.php/OWASP_Dependency_Track_Project OWASP Dependency Track Project]
 
* [https://www.owasp.org/index.php/OWASP_PHP_Portscanner_Project OWASP PHP Portscaner Project]
 
* [https://www.owasp.org/index.php/OWASP_Java_HTML_Sanitizer OWASP Java HTML Sanitizer Project]
 
* [https://www.owasp.org/index.php/OWASP_Pygoat_Project OWASP Pygoat Project]
 
* [https://www.owasp.org/index.php/OWASP_Python_Security_Project OWASP Python Security Project]
 
* [https://www.owasp.org/index.php/OWASP_WebSpa_Project OWASP WebSpa Project]
 
* [https://www.owasp.org/index.php/OWASP_Financial_Information_Exchange_Security_Project OWASP Financial Information Exchange Security Project]
 
* [https://www.owasp.org/index.php/OWASP_STeBB_Project OWASP STeBB Project]
 
* [https://www.owasp.org/index.php/OWASP_NINJA_PingU_Project OWASP NINJA PingU Project]
 
* [https://www.owasp.org/index.php/OWASP_Encoder_Comparison_Reference_Project OWASP Encoder Comparison Reference Project]
 
* [https://www.owasp.org/index.php/Category:OWASP_SQLiX_Project OWASP sqliX Project]
 
* [https://www.owasp.org/index.php/OWASP_LAPSE_Project OWASP LAPSE Project]
 
* [https://www.owasp.org/index.php/Category:OWASP_Orizon_Project OWASP Orizon Project]
 
* [https://www.owasp.org/index.php/OWASP_WASC_Distributed_Web_Honeypots_Project OWASP WASC Distributed Web Honeypots Project]
 
* [https://www.owasp.org/index.php/OWASP_Click_Me_Project OWASP Click Me Project]
 
* [https://www.owasp.org/index.php/OWASP_Secure_TDD_Project OWASP Secure TDD Project]
 
* [https://www.owasp.org/index.php/OWASP_XSecurity_Project OWASP XSecurity Project]
 
* [https://www.owasp.org/index.php/OWASP_Pyttacker_Project OWASP Pyttacker Project]
 
* [https://www.owasp.org/index.php/OWASP_Java_XML_Templates_Project OWASP Java XML Templates Project]
 
* [https://www.owasp.org/index.php/OWASP_Code_Pulse_Project OWASP Code Pulse Project]
 
  
'''Documentation'''
 
* [https://www.owasp.org/index.php/OWASP_Data_Exchange_Format_Project OWASP Data Exchange Format Project]
 
* [https://www.owasp.org/index.php/Cheat_Sheets OWASP Cheat Sheets Project]
 
* [https://www.owasp.org/index.php/OWASP_Proactive_Controls OWASP Proactive Controls]
 
* [https://www.owasp.org/index.php/OWASP_Security_Baseline_Project OWASP Security Baseline Project]
 
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Requirements_Project OWASP Application Security Requirements Project]
 
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Assessment_Standards_Project OWASP Application Security Assessment Standards Project]
 
* [https://www.owasp.org/index.php/Category:OWASP_CBT_Project OWASP Computer Based Training Project (OWASP CBT Project)]
 
* [https://www.owasp.org/index.php/OWASP_Enterprise_Application_Security_Project OWASP Enterprise Application Security Project]
 
* [https://www.owasp.org/index.php/OWASP_Exams_Project OWASP Exams Project]
 
* [https://www.owasp.org/index.php/Projects/OWASP_GoatDroid_Project OWASP GoatDroid Project]
 
* [https://www.owasp.org/index.php/OWASP_RFP-Criteria OWASP Request For Proposal]
 
* [https://www.owasp.org/index.php/OWASP_University_Challenge OWASP University Challenge]
 
* [https://www.owasp.org/index.php/OWASP_Hacking_Lab OWASP Hacking-Lab]
 
* [https://www.owasp.org/index.php/OWASP_Application_Security_Awareness_Top_10_E-learning_Project OWASP Application Security Awareness Top 10 E-learning Project]
 
* [https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities OWASP Periodic Table of Vulnerabilities]
 
* [https://www.owasp.org/index.php/WASC_OWASP_Web_Application_Firewall_Evaluation_Criteria_Project WASC/OWASP Web Application Firewall Evaluation Criteria (WAFEC)]
 
* [https://www.owasp.org/index.php/ESAPI_Swingset OWASP ESAPI Swingset Project]
 
* [https://www.owasp.org/index.php/OWASP_Press OWASP Press]
 
* [https://www.owasp.org/index.php/OWASP_CISO_Survey OWASP CISO Survey]
 
* [https://www.owasp.org/index.php/OWASP_Application_Security_Guide_For_CISOs_Project OWASP Application Security Guide For CISOs]
 
* [https://www.owasp.org/index.php/OWASP_Scada_Security_Project OWASP Scada Security Project]
 
* [https://www.owasp.org/index.php/OWASP_Cornucopia OWASP Cornucopia]
 
* [https://www.owasp.org/index.php/OWASP_Secure_Application_Design_Project OWASP Secure Application Design Project]
 
* [https://www.owasp.org/index.php/OWASP_Top_10_Fuer_Entwickler_Project OWASP Top 10 Fuer Entwickler Project]
 
* [https://www.owasp.org/index.php/OWASP_Web_Application_Security_Quick_Reference_Guide_Project OWASP Web Application Security Quick Reference Guide Project]
 
* [https://www.owasp.org/index.php/OWASP_Windows_Binary_Executable_Files_Security_Checks_Project OWASP Windows Binary Executable Files Security Checks Project]
 
* [https://www.owasp.org/index.php/OWASP_Wordpress_Security_Checklist_Project OWASP Wordpress Security Checklist Project]
 
* [https://www.owasp.org/index.php/OWASP_Supporting_Legacy_Web_Applications_in_the_Current_Environment_Project OWASP Supporting Legacy Web Applications in the Current Environment Project]
 
* [https://www.owasp.org/index.php/OWASP_Security_Principles_Project OWASP Security Principles Project]
 
* [https://www.owasp.org/index.php/OWASP_Ruby_on_Rails_and_friends_Security_Guide OWASP Ruby on Rails and friends Security Guide Project]
 
* [https://www.owasp.org/index.php/OWASP_Media_Project OWASP Media Project]
 
* [https://www.owasp.org/index.php/OWASP_Global_Chapter_Meetings_Project OWASP Global Chapter Meetings Project]
 
* [https://www.owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project OWASP Vulnerable Web Applications Directory Project]
 
* [https://www.owasp.org/index.php/OWASP_Game_Security_Framework_Project OWASP Game Security Framework Project]
 
* [https://www.owasp.org/index.php/OWASP_Security_Labeling_System_Project OWASP Security Labeling System Project]
 
* [https://www.owasp.org/index.php/OWASP_IoTs_Project OWASP IoTs Project]
 
* [https://www.owasp.org/index.php/OWASP_Insecure_Web_Components_Project OWASP Insecure Web Components Project]
 
* [https://www.owasp.org/index.php/OWASP_Reverse_Engineering_and_Code_Modification_Prevention_Project OWASP Reverse Engineering and Code Modification Prevention Project]
 
* [https://www.owasp.org/index.php/OWASP_Student_Chapters_Program OWASP Student Chapters Project]
 
* [https://www.owasp.org/index.php/Category:OWASP_Education_Project OWASP Education Project]
 
* [https://www.owasp.org/index.php/Category:OWASP_Speakers_Project OWASP Speakers Project]
 
* [https://www.owasp.org/index.php/OWASP_Internet_of_Things_Top_Ten_Project OWASP Internet of Things Top Ten Project]
 
* [https://www.owasp.org/index.php/Category:OWASP_.NET_Project OWASP .NET Project]
 
* [https://www.owasp.org/index.php/OWASP_Research_Book_Project OWASP Research Book Project]
 
* [https://www.owasp.org/index.php/OWASP_Open_Cyber_Security_Framework_Project OWASP Open Cyber Security Framework Project]
 
* [https://www.owasp.org/index.php/OWASP_ISO_Project OWASP ISO Project]
 
* [https://www.owasp.org/index.php/OWASP_Top_10_Privacy_Risks_Project OWASP Top 10 Privacy Risks Project]
 
* [https://www.owasp.org/index.php/OWASP_WASC_Web_Hacking_Incidents_Database_Project OWASP WASC Web Hacking Incidents Database Project]
 
* [https://www.owasp.org/index.php/OWASP_Security_Frameworks_Project OWASP Security Frameworks Project]
 
* [https://www.owasp.org/index.php/OWASP_Incident_Response_Project OWASP Incident Response Project]
 
* [https://www.owasp.org/index.php/OWASP_Embedded_Application_Security OWASP Embedded Application Security]
 
* [https://www.owasp.org/index.php/OWASP_STING_Game_Project OWASP STING Game Project]
 
  
 
</font>
 
</font>
Line 181: Line 138:
 
<font size=2pt>
 
<font size=2pt>
 
==Labs Projects==
 
==Labs Projects==
 +
 +
[[File:Lab banner.jpg]]
  
 
OWASP Labs projects represent projects that have produced a deliverable of value. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are at least ready for mainstream usage.
 
OWASP Labs projects represent projects that have produced a deliverable of value. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are at least ready for mainstream usage.
  
 +
===Thumbs up===
 +
Thumbs up are given to LAB projects showing a steady progress in their development, had very active and continuous releases and commits, regular update of information on their wiki page and have quite complete documentation. These projects are almost ready to become flagship
 +
 +
====Tools [Reviewed February 2015]====
 +
* [[O-Saft|O-Saft]]
 +
* [[OWASP_Dependency_Track_Project|OWASP Dependency Track Project]]
 +
* [[:Category:OWASP_EnDe|OWASP EnDe Project]]
 +
* [[OWASP_Hackademic_Challenges_Project|OWASP Hackademic Challenges Project]]
 +
* [[OWASP_Mantra_-_Security_Framework|OWASP Mantra Security Framework]]
 +
* [[OWASP_Mobile_Security_Project|OWASP Mobile Security Project]]
 +
* [[OWASP_O2_Platform|OWASP O2 Platform]]
 +
* [[OWASP_Passfault|OWASP Passfault]]
 +
* [https://www.owasp.org/index.php/Category:OWASP_Security_Ninjas_AppSec_Training_Program OWASP Security Ninjas Appsec Training]
 +
* [[OWASP_Security_Shepherd|OWASP Security Shepherd]]
 +
* [[:Category:OWASP WebGoat Project|OWASP WebGoat Project]]
 +
* [[OWASP_Xenotix_XSS_Exploit_Framework|OWASP Xenotix XSS Exploit Framework]]
 +
* [[OWASP_iMAS_iOS_Mobile_Application_Security_Project|OWASP iMAS - iOS Mobile Application Security Project]]
 +
*[[OWASP_Juice_Shop_Project|OWASP Juice Shop Project]][[File:Thumbsup.png|15px]]
  
'''Tools'''
+
====Documentation [In Progress-Results by February/March 2015] ====
* [https://www.owasp.org/index.php/OWASP_OWTF OWASP OWTF]
 
* [https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project OWASP Broken Web Applications Project]
 
* [https://www.owasp.org/index.php/Category:OWASP_CSRFTester_Project OWASP CSRFTester Project]
 
* [https://www.owasp.org/index.php/Category:OWASP_EnDe OWASP EnDe Project]
 
* [https://www.owasp.org/index.php/OWASP_Hackademic_Challenges_Project OWASP Hackademic Challenges Project]
 
* [https://www.owasp.org/index.php/OWASP_HTTP_Post_Tool OWASP HTTP POST Tool]
 
* [https://www.owasp.org/index.php/OWASP_Mantra_-_Security_Framework OWASP Mantra Security Framework]
 
* [https://www.owasp.org/index.php/Category:OWASP_Mutillidae OWASP Mutillidae Project]
 
* [https://www.owasp.org/index.php/OWASP_O2_Platform OWASP O2 Platform]
 
* [https://www.owasp.org/index.php/Project_Information:template_Vicnum_Project OWASP Vicnum Project]
 
* [https://www.owasp.org/index.php/Category:OWASP_Wapiti_Project OWASP Wapiti Project]
 
* [https://www.owasp.org/index.php/Project_Information:template_Yasca_Project OWASP Yasca Project]
 
* [https://www.owasp.org/index.php?title=OWASP_Web_Testing_Environment_Project OWASP Web Testing Environment Project]
 
* [https://www.owasp.org/index.php/Webgoat OWASP WebGoat Project]
 
* [https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project OWASP Zed Attack Proxy]
 
  
 +
* [[OWASP_Application_Security_Guide_For_CISOs_Project|OWASP Application Security Guide For CISOs]]
 +
* [[Cheat_Sheets|OWASP Cheat Sheets Project]] [[File:Thumbsup.png|15px]]
 +
* [[OWASP_CISO_Survey|OWASP CISO Survey]]
 +
* [[:Category:OWASP_Code_Review_Project|OWASP Code Review Guide Project]]
 +
* [[OWASP_Codes_of_Conduct|OWASP Codes of Conduct]]
 +
* [[OWASP_Cornucopia|OWASP Cornucopia]]
 +
* [[:Category:OWASP_Guide_Project|OWASP Development Guide Project]]
 +
* [[OWASP_Podcast|OWASP Podcast Project]]
 +
* [[OWASP_Proactive_Controls|OWASP Proactive Controls]]
 +
* [[OWASP_Internet_of_Things_Top_Ten_Project|OWASP Internet of Things Top Ten Project]]
 +
* [[OWASP_Top_10_Privacy_Risks_Project|OWASP Top 10 Privacy Risks Project]]
  
'''Documentation'''
+
====Contests====
* [https://www.owasp.org/index.php/OWASP_Appsec_Tutorial_Series OWASP AppSec Tutorial Series]
+
*[[OWASP_University_Challenge|OWASP University Challenge]]  
* [https://www.owasp.org/index.php/OWASP_AppSensor_Project OWASP AppSensor Project]
+
* [[:Category:OWASP_CTF_Project|OWASP CTF Project]]
* [https://www.owasp.org/index.php/Category:OWASP_CTF_Project OWASP CTF Project]
 
* [https://www.owasp.org/index.php/Category:OWASP_Legal_Project OWASP Legal Project]
 
* [https://www.owasp.org/index.php/OWASP_Podcast OWASP Podcast Project]
 
* [https://www.owasp.org/index.php/Virtual_Patching_Best_Practices Virtual Patching Best Practices]
 
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Verification_Standard_Project OWASP Application Security Verification Standard Project]
 
* [https://www.owasp.org/index.php/Category:OWASP_Code_Review_Project OWASP Code Review Guide Project]
 
* [https://www.owasp.org/index.php/OWASP_Codes_of_Conduct OWASP Codes of Conduct]
 
* [https://www.owasp.org/index.php/Category:OWASP_Guide_Project OWASP Development Guide Project]
 
* [https://www.owasp.org/index.php/OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide OWASP Secure Coding Practices - Quick Reference Guide]
 
* [https://www.owasp.org/index.php/Category:Software_Assurance_Maturity_Model OWASP Software Assurance Maturity Model (SAMM)]
 
* [https://www.owasp.org/index.php/OWASP_Testing_Project OWASP Testing Guide Project]
 
* [https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project OWASP Top Ten Project]
 
  
'''Code'''
+
====Code [Reviewed February 2015]====
* [https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project OWASP AntiSamy Project]
+
* [[:Category:OWASP_Enterprise_Security_API|OWASP Enterprise Security API]]
* [https://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API OWASP Enterprise Security API]
+
* [[OWASP_Python_Security_Project|OWASP Python Security Project]]
* [https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project OWASP ModSecurity Core Rule Set Project]
 
* [https://www.owasp.org/index.php/Category:OWASP_CSRFGuard_Project OWASP CSRFGuard Project]
 
  
= Flagship Projects  =
+
======Low Activity (LABS)[Reviewed February 2015] ======
<font size=2pt>
+
[[File:low_activity.jpg]]
==Flagship Projects==
 
  
The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole.
+
These projects had no releases in at least a year, however have shown to be valuable tools
 
  
 +
'''Code [Low Activity]'''
 +
* [[Project_Information:template_Vicnum_Project|OWASP Vicnum Project]]
 +
* [[OWASP_Broken_Web_Applications_Project|OWASP Broken Web Applications Project]]
 +
* [[OWASP_Joomla_Vulnerability_Scanner_Project]]
  
'''Code'''
+
'''Documentation [Low Activity]'''
 +
* [[OWASP_Appsec_Tutorial_Series|OWASP AppSec Tutorial Series]]
 +
* [[:Category:OWASP_Legal_Project|OWASP Legal Project]]
 +
* [[Virtual_Patching_Best_Practices|Virtual Patching Best Practices]]
 +
* [[OWASP_Secure_Coding_Practices_-_Quick_Reference_Guide|OWASP Secure Coding Practices - Quick Reference Guide]]
  
 +
= Flagship Projects  =
 +
<font size=2pt>
 +
==Flagship Projects==
 +
[[File:Flagship_banner.jpg]]
  
 +
The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole.
 +
After a major review process [[https://www.owasp.org/index.php/LAB_Projects_Code_Analysis_Report More info here]] the following projects are considered to be flagship candidate projects. These project have been evaluated more deeply to confirm their flagship status:
  
'''Tools'''
+
====Tools [Reviewed September 2014]====
  
 +
* [[OWASP_Zed_Attack_Proxy_Project|OWASP Zed Attack Proxy]]
 +
* [[OWASP_Web_Testing_Environment_Project|OWASP Web Testing Environment Project]]
 +
* [[OWASP_OWTF|OWASP OWTF]]
 +
* [[OWASP_Dependency_Check|OWASP Dependency Check]]
  
 +
====Code [Reviewed November 2014]====
 +
* [[:Category:OWASP_ModSecurity_Core_Rule_Set_Project|OWASP ModSecurity Core Rule Set Project]]
 +
* [[:Category:OWASP_CSRFGuard_Project|OWASP CSRFGuard Project]]
 +
* [[OWASP_AppSensor_Project|OWASP AppSensor Project]]
  
'''Documentation'''
+
====Documentation[Reviewed February 2015] in progress====
 +
* [[:Category:OWASP_Application_Security_Verification_Standard_Project|OWASP Application Security Verification Standard Project]]
 +
* [[:Category:Software_Assurance_Maturity_Model|OWASP Software Assurance Maturity Model (SAMM)]]
 +
* [[OWASP_AppSensor_Project|OWASP AppSensor Project]]
 +
* [[:Category:OWASP_Top_Ten_Project|OWASP Top Ten Project]]
 +
* [[OWASP_Testing_Project|OWASP Testing Guide Project]]
  
 
= Archived Projects  =
 
= Archived Projects  =
Line 250: Line 234:
 
OWASP Archived Projects are inactive Labs projects. If you are interested in pursuing any of the projects below, please contact us and let us know of your interest.   
 
OWASP Archived Projects are inactive Labs projects. If you are interested in pursuing any of the projects below, please contact us and let us know of your interest.   
  
 +
* [https://www.owasp.org/index.php/OWASP_WebSandBox_Project OWASP WebSandBox Project]
 +
* [https://www.owasp.org/index.php/OWASP_Focus OWASP Focus]
 +
* [https://www.owasp.org/index.php/Opa OWASP OPA]
 +
* [https://www.owasp.org/index.php/OWASP_Web_Application_Security_Quick_Reference_Guide_Project OWASP Web Application Security Quick Reference Guide Project]
 +
* [https://www.owasp.org/index.php/OWASP_Application_Security_Awareness_Top_10_E-learning_Project OWASP Application Security Awareness Top 10 E-learning Project]
 +
* [https://www.owasp.org/index.php/Category:OWASP_CSRFTester_Project OWASP CSRFTester Project]
 +
* [https://www.owasp.org/index.php/Category:OWASP_Wapiti_Project OWASP Wapiti Project]
 +
* [https://www.owasp.org/index.php/OWASP_S.T.I.N.G_Project OWASP S.T.I.N.G Project]
 +
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Assessment_Standards_Project OWASP Application Security Assessment Standards Project]
 +
* [https://www.owasp.org/index.php/OWASP_XSSER OWASP XSSER]
 +
* [https://www.owasp.org/index.php/OWASP_Passw3rd_Project OWASP Passw3rd Project]
 +
* [https://www.owasp.org/index.php/Category:OWASP_CBT_Project OWASP Computer Based Training Project (OWASP CBT Project)]
 +
* [https://www.owasp.org/index.php/Category:OWASP_Application_Security_Requirements_Project OWASP Application Security Requirements Project]
 +
* [https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project OWASP AntiSamy Project]
 +
* [https://www.owasp.org/index.php/OWASP_Ultimatum_Project OWASP Ultimatum Project]
 +
* [https://www.owasp.org/index.php/OWASP_STeBB_Project OWASP STeBB Project]
 +
* [https://www.owasp.org/index.php/OWASP_Security_Labeling_System_Project OWASP Security Labeling System Project]
 +
* [https://www.owasp.org/index.php/OWASP_Pygoat_Project OWASP Pygoat Project]
 +
* [https://www.owasp.org/index.php/OWASP_HA_Vulnerability_Scanner_Project OWASP HA Vulnerability Scanner Project]
 +
* [https://www.owasp.org/index.php/OWASP_Unmaskme_Project OWASP Unmaskme Project]
 +
* [https://www.owasp.org/index.php/OWASP_Simple_Host_Base_Incidence_Detection_System_Project OWASP Simple Host Base Incidence Detection System Project]
 +
* [https://www.owasp.org/index.php/OWASP_Wordpress_Security_Checklist_Project OWASP Wordpress Security Checklist Project]
 +
* [https://www.owasp.org/index.php/OWASP_Windows_Binary_Executable_Files_Security_Checks_Project OWASP Windows Binary Executable Files Security Checks Project]
 +
* [https://www.owasp.org/index.php/OWASP_WS_Amplification_DoS_Project OWASP WS-Amplification DoS Project]
 +
* [https://www.owasp.org/index.php/OWASP_iSABEL_Proxy_Server OWASP iSABEL Proxy Server]
 +
* [https://www.owasp.org/index.php/OWASP_Droid_Fusion OWASP Droid Fusion]
 
* [https://www.owasp.org/index.php/OWASP_Java_J2EE_Secure_Development_Curriculum OWASP Java/J2EE Secure Development Curriculum]
 
* [https://www.owasp.org/index.php/OWASP_Java_J2EE_Secure_Development_Curriculum OWASP Java/J2EE Secure Development Curriculum]
 
* [https://www.owasp.org/index.php/OWASP_OctoMS OWASP OctoMS]
 
* [https://www.owasp.org/index.php/OWASP_OctoMS OWASP OctoMS]
Line 344: Line 354:
 
* [https://www.owasp.org/index.php/OWASP_Software_Security_Assurance_Process OWASP Software Security Assurance Process]
 
* [https://www.owasp.org/index.php/OWASP_Software_Security_Assurance_Process OWASP Software Security Assurance Process]
 
* [https://www.owasp.org/index.php/OWASP_Application_Fuzzing_Framework_Project OWASP Application Fuzzing Framework Project]
 
* [https://www.owasp.org/index.php/OWASP_Application_Fuzzing_Framework_Project OWASP Application Fuzzing Framework Project]
 +
* [https://www.owasp.org/index.php/OWASP_IoTs_Project OWASP IoTs Project]
 +
* [https://www.owasp.org/index.php/ESAPI_Swingset OWASP ESAPI Swingset Project]
 +
* [https://www.owasp.org/index.php/OWASP_VaultDB_Project OWASP VaultDB Project]
 +
* [https://www.owasp.org/index.php/Category:OWASP_Mutillidae OWASP Mutillidae Project]
 +
* [https://www.owasp.org/index.php/Project_Information:template_Yasca_Project OWASP Yasca Project]
 +
* [https://www.owasp.org/index.php/OWASP_Exams_Project OWASP Exams Project]
 +
* [https://www.owasp.org/index.php/OWASP_Security_Baseline_Project OWASP Security Baseline Project]
 +
* [https://www.owasp.org/index.php/OWASP_OpenStack_Security_Project OWASP OpenStack Security Project]
 +
* [https://www.owasp.org/index.php/OWASP_File_Format_Validation_Project OWASP File Format Validation Project]
 +
* [[OWASP_SonarQube_Project|OWASP SonarQube Project]]
  
 
</font>
 
</font>
Line 352: Line 372:
 
* [https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project OWASP AntiSamy Project]
 
* [https://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project OWASP AntiSamy Project]
 
* [https://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API OWASP Enterprise Security API]
 
* [https://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API OWASP Enterprise Security API]
* [https://www.owasp.org/index.php/Projects/OWASP_ModSecurity_Core_Rule_Set_Project OWASP ModSecurity Core Rule Set Project]
+
* [https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project OWASP ModSecurity Core Rule Set Project]
 
* [https://www.owasp.org/index.php/Category:OWASP_CSRFGuard_Project OWASPCSRF Guard Project]
 
* [https://www.owasp.org/index.php/Category:OWASP_CSRFGuard_Project OWASPCSRF Guard Project]
 
* [https://www.owasp.org/index.php/Opa OWASP OPA]
 
* [https://www.owasp.org/index.php/Opa OWASP OPA]
Line 375: Line 395:
 
* [https://www.owasp.org/index.php/OWASP_ISO_IEC_27034_Application_Security_Controls_Project OWASP ISO/IEC 27034 Application Security Controls Project]
 
* [https://www.owasp.org/index.php/OWASP_ISO_IEC_27034_Application_Security_Controls_Project OWASP ISO/IEC 27034 Application Security Controls Project]
 
* [https://www.owasp.org/index.php/OWASP_Ultimatum_Project OWASP Ultimatum Project]
 
* [https://www.owasp.org/index.php/OWASP_Ultimatum_Project OWASP Ultimatum Project]
 +
* [https://www.owasp.org/index.php/OWASP_Hardened_Phalcon_Project OWASP Hardened Phalcon Project]
 +
* [https://www.owasp.org/index.php/OWASP_Faux_Bank_Project OWASP Faux Bank Project]
  
 
==Tools==
 
==Tools==
Line 437: Line 459:
 
* [https://www.owasp.org/index.php/OWASP_NINJA_PingU_Project OWASP NINJA PingU Project]
 
* [https://www.owasp.org/index.php/OWASP_NINJA_PingU_Project OWASP NINJA PingU Project]
 
* [https://www.owasp.org/index.php/OWASP_Encoder_Comparison_Reference_Project OWASP Encoder Comparison Reference Project]
 
* [https://www.owasp.org/index.php/OWASP_Encoder_Comparison_Reference_Project OWASP Encoder Comparison Reference Project]
 +
*[https://www.owasp.org/index.php/OWASP_PHP_Security_Training_Project OWASP PHP Security Training Project]
 +
*[https://www.owasp.org/index.php/Projects/OWASP_iOSForensic OWASP iOSForensic]
 +
*[https://www.owasp.org/index.php/OWASP_Project_Metrics OWASP Project Metrics]
 +
*[https://www.owasp.org/index.php/OWASP_Store_Sheep_Project OWASP Store Sheep Project]
 +
*[https://www.owasp.org/index.php/OWASP_SonarQube_Project OWASP SonarQube Project]
 +
*[https://www.owasp.org/index.php/OWASP_URL_Checker OWASP URL Checker]
 +
*[https://www.owasp.org/index.php/OWASP_Juice_Shop_Project OWASP Juice Shop]
  
 
==Documentation==
 
==Documentation==
Line 479: Line 508:
 
* [https://www.owasp.org/index.php/OWASP_Secure_Application_Design_Project OWASP Secure Application Design Project]
 
* [https://www.owasp.org/index.php/OWASP_Secure_Application_Design_Project OWASP Secure Application Design Project]
 
* [https://www.owasp.org/index.php/OWASP_Top_10_Fuer_Entwickler_Project OWASP Top 10 Fuer Entwickler Project]
 
* [https://www.owasp.org/index.php/OWASP_Top_10_Fuer_Entwickler_Project OWASP Top 10 Fuer Entwickler Project]
 +
* [https://www.owasp.org/index.php/OWASP_Top_10_Privacy_Risks_Project OWASP Top 10 Privacy Risks]
 
* [https://www.owasp.org/index.php/OWASP_Web_Application_Security_Quick_Reference_Guide_Project OWASP Web Application Security Quick Reference Guide Project]
 
* [https://www.owasp.org/index.php/OWASP_Web_Application_Security_Quick_Reference_Guide_Project OWASP Web Application Security Quick Reference Guide Project]
 
* [https://www.owasp.org/index.php/OWASP_Windows_Binary_Executable_Files_Security_Checks_Project OWASP Windows Binary Executable Files Security Checks Project]
 
* [https://www.owasp.org/index.php/OWASP_Windows_Binary_Executable_Files_Security_Checks_Project OWASP Windows Binary Executable Files Security Checks Project]
Line 500: Line 530:
 
* [https://www.owasp.org/index.php/OWASP_Research_Book_Project OWASP Research Book Project]
 
* [https://www.owasp.org/index.php/OWASP_Research_Book_Project OWASP Research Book Project]
 
* [https://www.owasp.org/index.php/OWASP_Open_Cyber_Security_Framework_Project OWASP Open Cyber Security Framework Project]
 
* [https://www.owasp.org/index.php/OWASP_Open_Cyber_Security_Framework_Project OWASP Open Cyber Security Framework Project]
 
+
* [https://www.owasp.org/index.php/OWASP_Top_Trumps_for_Projects OWASP Top Trumps for Projects]
  
 
<headertabs />
 
<headertabs />

Latest revision as of 23:13, 5 April 2018

Redirect to:



Owasp banner web pro.jpg
Owasp Dev Guide-2.png

Incubator banner.jpg

OWASP Incubator projects represent the experimental playground where projects are still being fleshed out, ideas are still being proven, and development is still underway. The “OWASP Incubator” label allows OWASP consumers to readily identify a project’s maturity. The label also allows project leaders to leverage the OWASP name while their project is still maturing.

Thumbs up

Thumbs up are given to incubator projects showing a steady progress in their development, had continuous releases and commits or have delivered a complete product, including open source repository location, basic user guidelines and documentation


Code [Reviewed March 2015]

Code: Low Activity

Research

Tools [Reviewed last: May 2015]

Documentation[Review: May 2015]

Educational Initiatives




                                                                                                                             

Labs Projects

Lab banner.jpg

OWASP Labs projects represent projects that have produced a deliverable of value. While these projects are typically not production ready, the OWASP community expects that an OWASP Labs project leader is producing releases that are at least ready for mainstream usage.

Thumbs up

Thumbs up are given to LAB projects showing a steady progress in their development, had very active and continuous releases and commits, regular update of information on their wiki page and have quite complete documentation. These projects are almost ready to become flagship

Tools [Reviewed February 2015]

Documentation [In Progress-Results by February/March 2015]

Contests

Code [Reviewed February 2015]

Low Activity (LABS)[Reviewed February 2015]

Low activity.jpg

These projects had no releases in at least a year, however have shown to be valuable tools

Code [Low Activity]

Documentation [Low Activity]

Flagship Projects

Flagship banner.jpg

The OWASP Flagship designation is given to projects that have demonstrated strategic value to OWASP and application security as a whole. After a major review process [More info here] the following projects are considered to be flagship candidate projects. These project have been evaluated more deeply to confirm their flagship status:

Tools [Reviewed September 2014]

Code [Reviewed November 2014]

Documentation[Reviewed February 2015] in progress

Archived Projects

OWASP Archived Projects are inactive Labs projects. If you are interested in pursuing any of the projects below, please contact us and let us know of your interest.

Code

Tools

Documentation