This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit


Revision as of 15:59, 12 May 2014 by Kait Disney-Leugers (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

OWASP Inactive Banner.jpg
OWASP Project Header.jpg


OWASP STeBB is a free and opensource security testing browser bundle


OWASP STeBB ( Security Testing Browser Bundle ) is an all in one web security toolkit for web application security testers. Built over Mozilla Firefox, this Linux based open source browser bundle comes with a vast array of awesome tools that help you secure your web application. STeBB runs in Debian based Linux distributions and can be used to security test your web applications


OWASP STeBB comes with the following set of tools

  • Intercepting Proxy - OWASP ZAP
  • Intercepting Proxy - OWASP WebScarab
  • Vulnerability Scanner - Nikto
  • Brute Forcer - OWASP WebSlayer
  • Brute Forcer - Wfuzz
  • Anonymous Browsing - Integrated Tor
  • Tutorials - OWASP Documentations
  • Direct Shell Access
  • Access to System Utilities
  • PenTesting Checklist
  • HTML5 Report Generator
  • Vulnerability Databases
  • anonymoX
  • Awesome Screenshot
  • IRC Chat - ChatZilla
  • CipherFox
  • Clear Console
  • Cookies Manager+
  • Cookie Monster
  • CryptoFox
  • Email Extractor
  • Firebug
  • FireFlow
  • FireFTP
  • FireSSH
  • Greasemonkey
  • Groundspeed
  • HttpRequester
  • HackBar
  • HackSearch
  • Header Spy
  • HttpFox
  • Java Deobfuscator
  • Library Detector
  • LinkSidebar
  • Proxy Selector
  • Proxy Tool
  • RefControl
  • RESTClient
  • Session Manager
  • SQL Inject Me
  • SQLite Manager
  • User Agent Switcher
  • Wappalyzer
  • Web Developer
  • Xinha Here!
  • XSS Me


OWASP STeBB is free to use. It is licensed under the Apache 2.0. licencse

What is STeBB?

OWASP STeBB provides:

  • easy access to a variety of tools
  • cost effective way to security test your website



Project Leaders

Sreenath Sasikumar

Rejah Rehim

Related Projects

Quick Download

News and Events

In Print


Owasp-incubator-trans-85.png Owasp-builders-small.png
Project Type Files CODE.jpg
Why should I use STeBB?
STeBB can save you from a lot of effort needed to install and configure various tools. Moreover this is free and can save a lot of investments
Would this work in Windows?
No, this would work only in Debian based Linux distributions
Should I install the software for this to work?
No, there is a portable version which you can carry in your USB drive which needs no installation
What dependencies does it have to work properly?
STeBB takes care of a lot of such stuff while installation. However, you would need Java installed in your machine.


OWASP STeBB is developed by a team of volunteers. The primary contributors to date have been:

As of 2014 December, the priorities are:

  • creating a 64 bit portable version of the software
  • creating a 64 bit installable version of the software

Involvement in the development and promotion of OWASP STeBB is actively encouraged! You do not have to be a security expert in order to contribute. Some of the ways you can help:

  • Recommending STeBB to your friends for security testing
  • Sharing about STeBB in your social media
  • Suggesting new tool integrations to make this better

What does this OWASP project offer you?
What releases are available for this project?
what is this project?
Name: OWASP STeBB Project
Purpose: The project is a tool which would be delivered as an executable ( eg: ). It is not a documentation. It would be software tool which can be downloaded/installed and used to security test web applications.
License: Apache 2.0
who is working on this project?
Project Leader(s):
  • sreenath sasikumar @
  • Rejah Rehim @
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact sreenath sasikumar @ to contribute to this project
  • Contact sreenath sasikumar @ to review or sponsor this project
current release
Not Yet Published
last reviewed release
Not Yet Reviewed

other releases