Repositories

OWASP Repositories

Application Security Verification Standard

Letzter Commit 17. Okt. 2023

 (2.324 Stars) (586 Forks) (0 indexierte Issues) (0 offene good first issues)

Letzter Commit 22. Jan. 2020

 (4 Stars) (2 Forks) (0 indexierte Issues) (0 offene good first issues)

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Letzter Commit 6. Apr. 2024

 (26.342 Stars) (3.703 Forks) (0 indexierte Issues) (0 offene good first issues)

Your gateway to OWASP. Discover, engage, and help shape the future!

Letzter Commit 11. Juli 2026

 (412 Stars) (651 Forks) (0 indexierte Issues) (0 offene good first issues)

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

Letzter Commit 8. Mai 2023

 (2.338 Stars) (630 Forks) (1 indexiertes Issue) (1 offenes good first issue)

The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

Letzter Commit 17. Jan. 2024

 (1.794 Stars) (1.526 Forks) (3 indexierte Issues) (3 offene good first issues)

QRLJacking or Quick Response Code Login Jacking is a simple-but-nasty attack vector affecting all the applications that relays on “Login with QR code” feature as a secure way to login into accounts which aims for hijacking users session by attackers.

Letzter Commit 7. Aug. 2025

 (1.542 Stars) (653 Forks) (1 indexiertes Issue) (1 offenes good first issue)

Letzter Commit 28. Nov. 2018

 (0 Stars) (0 Forks) (0 indexierte Issues) (0 offene good first issues)

Letzter Commit 12. Sept. 2022

 (6 Stars) (6 Forks) (0 indexierte Issues) (0 offene good first issues)

Letzter Commit 30. Juli 2022

 (6 Stars) (5 Forks) (0 indexierte Issues) (0 offene good first issues)

Official OWASP Top 10 Document Repository

Letzter Commit 10. Nov. 2023

 (3.906 Stars) (800 Forks) (0 indexierte Issues) (0 offene good first issues)

A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC

Letzter Commit 30. Apr. 2026

 (32 Stars) (11 Forks) (0 indexierte Issues) (0 offene good first issues)
OWASP/cwe-toolJavaScript

A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.

Letzter Commit 30. Apr. 2026

 (63 Stars) (23 Forks) (0 indexierte Issues) (0 offene good first issues)

Kubernetes Security Testing Guide

Letzter Commit 24. Juni 2020

 (26 Stars) (5 Forks) (0 indexierte Issues) (0 offene good first issues)

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.

Letzter Commit 18. Dez. 2025

 (12.605 Stars) (2.597 Forks) (0 indexierte Issues) (0 offene good first issues)

Letzter Commit 30. Juni 2020

 (35 Stars) (20 Forks) (0 indexierte Issues) (0 offene good first issues)

The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting!

Letzter Commit 17. Nov. 2025

 (536 Stars) (123 Forks) (0 indexierte Issues) (0 offene good first issues)

A documentation and tracking project with the goal of making package management systems more secure.

Letzter Commit 5. März 2021

 (52 Stars) (12 Forks) (0 indexierte Issues) (0 offene good first issues)

A vulnerable version of Rails that follows the OWASP Top 10

Letzter Commit 19. Aug. 2023

 (836 Stars) (584 Forks) (0 indexierte Issues) (0 offene good first issues)

Vulnerable app with examples showing how to not use secrets

Letzter Commit 19. Mai 2026

 (1.442 Stars) (568 Forks) (8 indexierte Issues) (8 offene good first issues)