180 Open Source Owasp Software Projects
Free and open source owasp code projects including engines, APIs, generators, and tools.
Cheatsheetseries 19621 ⭐
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Awesome Hacking Resources 11564 ⭐
A collection of hacking / penetration testing resources to make you better!
Mobile Security Framework Mobsf 10420 ⭐
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Juice Shop 6417 ⭐
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Bluemonday 2167 ⭐
bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
Wstg 3994 ⭐
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Find Sec Bugs 1772 ⭐
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)
Django Defectdojo 1973 ⭐
DefectDojo is an open-source application vulnerability correlation and security orchestration tool.
Owtf 1525 ⭐
Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp
Themis 1422 ⭐
Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.
1n3 Blackwidow 1060 ⭐
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
Owasp Nettacker 1606 ⭐
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
Awesome Ethical Hacking Resources 1249 ⭐
🔗 All the resources I could find for learning Ethical Hacking and Penetration Testing.
Dependency Track 985 ⭐
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Owasp Vwad 579 ⭐
The OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
Dvws 276 ⭐
OWSAP Damn Vulnerable Web Sockets (DVWS) is a vulnerable web application which works on web sockets for client-server communication.
Www Community 634 ⭐
OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.
Juice Shop Ctf 283 ⭐
Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop supporting CTFd, FBCTF and RootTheBox
Iotgoat 420 ⭐
IoTGoat is a deliberately insecure firmware created to educate software developers and security professionals with testing commonly found vulnerabilities in IoT devices.
Sbt Dependency Check 217 ⭐
SBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). :rainbow:
Securetea Project 228 ⭐
The OWASP SecureTea Project provides a one-stop security solution for various devices (personal computers / servers / IoT devices)
Owasp Cloud Security 155 ⭐
OWASP Cloud Security - Enabling conversations through threat and control stories
Owasp Orizon 137 ⭐
Owasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.
Owaspheaders.core 143 ⭐
A .NET Core middleware for injecting the Owasp recommended HTTP Headers for increased security
Pwning Juice Shop 146 ⭐
GitBook markdown content for Bjoern Kimminich's free eBook "Pwning OWASP Juice Shop"
Securityrat 128 ⭐
OWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development
Insider 321 ⭐
Dependency Check Plugin 105 ⭐
Jenkins plugin for OWASP Dependency-Check. Inspects project components for known vulnerabilities (e.g. CVEs).
Www Project Web Security Testing Guide 196 ⭐
The Web Security Testing Guide (WSTG) Project produces the premier cybersecurity testing resource for web application developers and security professionals.
Owasp Seraphimdroid 63 ⭐
OWASP Seraphimdroid is an open source project with aim to create, as a community, an open platform for education and protection of Android users against privacy and security threats.
Webdriverio Zap Proxy 59 ⭐
Demo - how to easily build security testing for Web App, using Zap and Glue
Resources For Application Security 76 ⭐
Some good resources for getting started with application security
Breachdetector 69 ⭐
Detect root, emulation, debug mode and other security concerns in your Xamarin apps
Owasp Jenkins 47 ⭐
Want to test your applications using the latest OWASP security toolchains and the NIST National Vulnerability Database using Jenkins, Ansible and docker? :whale: :shield: :lock:
Hackbar 48 ⭐
HackBar Quantum is a sidebar that assists you with web application security testing, it's aim is to help make those tedious tasks a little bit easier. This add-on is a predecessor to the original HackBar that is not compatible with Firefox Quantum.
Ukraine Infosec Conferences 34 ⭐
Анонси, програми та архів матеріалів українських конференцій з кібер-безпеки.
Dependency Check Py 42 ⭐
:closed_lock_with_key: Shim to easily install OWASP dependency-check-cli into Python projects
Zap Mini Workshop 34 ⭐
Interactive IPython Notebook to demonstrate OWASP ZAP's API and Scripting Functions - OWASP ZAP 2.8.0
Ptp 28 ⭐
Pentester's Tools Parser (PTP) provides an unified way to retrieve the information from all (final goal) automated pentesting tools and assign an automated ranking for each finding.
Containers Security Project 25 ⭐
A place for documenting threats and mitigations related to containers orchestrators (Kubernetes, Swarm etc)
Dirbuster 49 ⭐
DirBuster is a multi threaded java application designed to brute force directories and files names on web/application servers.
Dotnet Security Unit Tests 24 ⭐
A web application that contains several unit tests for the purpose of .NET security
Document Upload Protection 33 ⭐
POC in order to protect an document upload application feature against "malicious" document submission.
Viws 19 ⭐
A tiny (5.21Mb light standalone binary) static web server with customizable behavior, secure and monitored by default.