Dépôts

Dépôts de OWASP

Application Security Verification Standard

Dernier commit 17 oct. 2023

 (2 324 stars) (586 forks) (0 issues indexées) (0 good first issues ouvertes)

Dernier commit 22 janv. 2020

 (4 stars) (2 forks) (0 issues indexées) (0 good first issues ouvertes)

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Dernier commit 6 avr. 2024

 (26 342 stars) (3 703 forks) (0 issues indexées) (0 good first issues ouvertes)

Your gateway to OWASP. Discover, engage, and help shape the future!

Dernier commit 11 juil. 2026

 (412 stars) (651 forks) (0 issues indexées) (0 good first issues ouvertes)

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

Dernier commit 8 mai 2023

 (2 338 stars) (630 forks) (1 issue indexée) (1 good first issue ouverte)

The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

Dernier commit 17 janv. 2024

 (1 794 stars) (1 526 forks) (3 issues indexées) (3 good first issues ouvertes)

QRLJacking or Quick Response Code Login Jacking is a simple-but-nasty attack vector affecting all the applications that relays on “Login with QR code” feature as a secure way to login into accounts which aims for hijacking users session by attackers.

Dernier commit 7 août 2025

 (1 542 stars) (653 forks) (1 issue indexée) (1 good first issue ouverte)

Dernier commit 28 nov. 2018

 (0 stars) (0 forks) (0 issues indexées) (0 good first issues ouvertes)

Dernier commit 12 sept. 2022

 (6 stars) (6 forks) (0 issues indexées) (0 good first issues ouvertes)

Dernier commit 30 juil. 2022

 (6 stars) (5 forks) (0 issues indexées) (0 good first issues ouvertes)

Official OWASP Top 10 Document Repository

Dernier commit 10 nov. 2023

 (3 906 stars) (800 forks) (0 issues indexées) (0 good first issues ouvertes)

A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC

Dernier commit 30 avr. 2026

 (32 stars) (11 forks) (0 issues indexées) (0 good first issues ouvertes)
OWASP/cwe-toolJavaScript

A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.

Dernier commit 30 avr. 2026

 (63 stars) (23 forks) (0 issues indexées) (0 good first issues ouvertes)

Kubernetes Security Testing Guide

Dernier commit 24 juin 2020

 (26 stars) (5 forks) (0 issues indexées) (0 good first issues ouvertes)

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.

Dernier commit 18 déc. 2025

 (12 605 stars) (2 597 forks) (0 issues indexées) (0 good first issues ouvertes)

Dernier commit 30 juin 2020

 (35 stars) (20 forks) (0 issues indexées) (0 good first issues ouvertes)

The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting!

Dernier commit 17 nov. 2025

 (536 stars) (123 forks) (0 issues indexées) (0 good first issues ouvertes)

A documentation and tracking project with the goal of making package management systems more secure.

Dernier commit 5 mars 2021

 (52 stars) (12 forks) (0 issues indexées) (0 good first issues ouvertes)

A vulnerable version of Rails that follows the OWASP Top 10

Dernier commit 19 août 2023

 (836 stars) (584 forks) (0 issues indexées) (0 good first issues ouvertes)

Vulnerable app with examples showing how to not use secrets

Dernier commit 19 mai 2026

 (1 442 stars) (568 forks) (8 issues indexées) (8 good first issues ouvertes)