Repository

Repository di OWASP

Application Security Verification Standard

Ultimo commit 17 ott 2023

 (2324 star) (586 fork) (0 issue indicizzate) (0 good first issue aperte)

Ultimo commit 22 gen 2020

 (4 star) (2 fork) (0 issue indicizzate) (0 good first issue aperte)

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Ultimo commit 6 apr 2024

 (26.342 star) (3703 fork) (0 issue indicizzate) (0 good first issue aperte)

Your gateway to OWASP. Discover, engage, and help shape the future!

Ultimo commit 11 lug 2026

 (412 star) (651 fork) (3 issue indicizzate) (3 good first issue aperte)

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

Ultimo commit 8 mag 2023

 (2338 star) (630 fork) (1 issue indicizzata) (1 good first issue aperta)

The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

Ultimo commit 17 gen 2024

 (1794 star) (1526 fork) (3 issue indicizzate) (3 good first issue aperte)

QRLJacking or Quick Response Code Login Jacking is a simple-but-nasty attack vector affecting all the applications that relays on “Login with QR code” feature as a secure way to login into accounts which aims for hijacking users session by attackers.

Ultimo commit 7 ago 2025

 (1542 star) (653 fork) (1 issue indicizzata) (1 good first issue aperta)

Ultimo commit 28 nov 2018

 (0 star) (0 fork) (0 issue indicizzate) (0 good first issue aperte)

Ultimo commit 12 set 2022

 (6 star) (6 fork) (0 issue indicizzate) (0 good first issue aperte)

Ultimo commit 30 lug 2022

 (6 star) (5 fork) (0 issue indicizzate) (0 good first issue aperte)

Official OWASP Top 10 Document Repository

Ultimo commit 10 nov 2023

 (3906 star) (800 fork) (0 issue indicizzate) (0 good first issue aperte)

A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC

Ultimo commit 30 apr 2026

 (32 star) (11 fork) (0 issue indicizzate) (0 good first issue aperte)
OWASP/cwe-toolJavaScript

A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.

Ultimo commit 30 apr 2026

 (63 star) (23 fork) (0 issue indicizzate) (0 good first issue aperte)

Kubernetes Security Testing Guide

Ultimo commit 24 giu 2020

 (26 star) (5 fork) (0 issue indicizzate) (0 good first issue aperte)

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.

Ultimo commit 18 dic 2025

 (12.605 star) (2597 fork) (0 issue indicizzate) (0 good first issue aperte)

Ultimo commit 30 giu 2020

 (35 star) (20 fork) (0 issue indicizzate) (0 good first issue aperte)

The OWASP Java Encoder is a Java 1.5+ simple-to-use drop-in high-performance encoder class with no dependencies and little baggage. This project will help Java web developers defend against Cross Site Scripting!

Ultimo commit 17 nov 2025

 (536 star) (123 fork) (0 issue indicizzate) (0 good first issue aperte)

A documentation and tracking project with the goal of making package management systems more secure.

Ultimo commit 5 mar 2021

 (52 star) (12 fork) (0 issue indicizzate) (0 good first issue aperte)

A vulnerable version of Rails that follows the OWASP Top 10

Ultimo commit 19 ago 2023

 (836 star) (584 fork) (1 issue indicizzata) (1 good first issue aperta)

Vulnerable app with examples showing how to not use secrets

Ultimo commit 19 mag 2026

 (1442 star) (568 fork) (8 issue indicizzate) (8 good first issue aperte)