wrongsecrets

Vulnerable app with examples showing how to not use secrets

created at Aug. 19, 2020, 5:59 a.m.

16

995

212

owasp-mastg

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).

created at Sept. 30, 2016, 8:22 a.m.

417

10,685

2,213

OFFAT

The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towards completion.

created at Sept. 25, 2023, 7:32 p.m.

9

243

32

owasp-mstg

The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).

created at Sept. 30, 2016, 8:22 a.m.

397

9,202

1,971

glue

Application Security Automation

created at Aug. 27, 2015, 3:15 p.m.

35

179

47

Amass

In-depth Attack Surface Mapping and Asset Discovery

created at July 10, 2018, 4:05 p.m.

195

8,543

1,558

DVSA

a Damn Vulnerable Serverless Application

created at Dec. 21, 2018, 2:21 p.m.

12

58

5

CheatSheetSeries

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

created at Dec. 21, 2018, 2:26 p.m.

569

26,327

3,700

OWASP-Testing-Guide-v5

The OWASP Testing Guide includes a "best practice" penetration testing framework which users can implement in their own organizations and a "low level" penetration testing guide that describes techniques for testing most common web application and web service security issues.

created at May 14, 2017, 11:20 p.m.

60

379

123

Go-SCP

Go programming language secure coding practices guide

created at April 3, 2017, 12:16 p.m.

127

3,180

193

SecureTea-Project

The OWASP SecureTea Project provides a one-stop security solution for various devices (personal computers / servers / IoT devices)

created at March 20, 2018, 2:32 p.m.

20

98

53

owasp-masvs

The Mobile Application Security Verification Standard (MASVS) is a standard for mobile app security.

created at Sept. 8, 2016, 6:17 a.m.

45

540

158

API-Security

OWASP API Security Project

created at Jan. 10, 2019, 7:05 p.m.

138

1,426

299

wstg

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

created at May 14, 2017, 11:20 p.m.

251

4,445

942

D4N155

OWASP D4N155 - Intelligent and dynamic wordlist using OSINT

created at March 21, 2019, 2:37 p.m.

18

56

12

IoTGoat

IoTGoat is a deliberately insecure firmware created to educate software developers and security professionals with testing commonly found vulnerabilities in IoT devices.

created at Oct. 3, 2019, 6:39 p.m.

10

109

17

Nettacker

Automated Penetration Testing Framework

created at April 21, 2017, 12:14 p.m.

67

1,292

422

Top10

Official OWASP Top 10 Document Repository

created at Aug. 30, 2016, 3:46 p.m.

219

2,242

464

DevSecOpsGuideline

The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.

created at May 15, 2020, 3:45 p.m.

20

270

59

crAPI

completely ridiculous API (crAPI)

created at Feb. 3, 2021, 9:11 p.m.

15

641

159