Skip to content
@OWASP

OWASP

The OWASP Foundation

Popular repositories Loading

  1. CheatSheetSeries CheatSheetSeries Public

    The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

    Python 30.8k 4.3k

  2. mastg mastg Public

    The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWA…

    Shell 12.6k 2.6k

  3. wstg wstg Public

    The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

    Dockerfile 8.6k 1.5k

  4. Go-SCP Go-SCP Public

    Golang Secure Coding Practices guide

    Go 5.2k 389

  5. Top10 Top10 Public

    Official OWASP Top 10 Document Repository

    HTML 5k 964

  6. Nettacker Nettacker Public

    Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

    Python 4.6k 941

Repositories

Showing 10 of 1328 repositories
  • www-chapter-czech-republic Public

    OWASP Foundation Web Respository

    OWASP/www-chapter-czech-republic’s past year of commit activity
    HTML 5 6 0 0 Updated Dec 1, 2025
  • www-project-nightingale Public

    OWASP Foundation Web Respository

    OWASP/www-project-nightingale’s past year of commit activity
    HTML 9 3 0 0 Updated Dec 1, 2025
  • crAPI Public

    completely ridiculous API (crAPI)

    OWASP/crAPI’s past year of commit activity
    Java 1,378 Apache-2.0 482 28 (1 issue needs help) 16 Updated Dec 1, 2025
  • wrongsecrets Public

    Vulnerable app with examples showing how to not use secrets

    OWASP/wrongsecrets’s past year of commit activity
    Java 1,373 AGPL-3.0 505 23 (9 issues need help) 10 Updated Dec 1, 2025
  • www-project-vulnerable-web-applications-directory Public

    The OWASP Vulnerable Web Applications Directory Project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.

    OWASP/www-project-vulnerable-web-applications-directory’s past year of commit activity
    HTML 67 34 13 (1 issue needs help) 1 Updated Dec 1, 2025
  • www-project-software-security-5d-framework Public

    OWASP Software Security 5D Framework

    OWASP/www-project-software-security-5d-framework’s past year of commit activity
    HTML 7 1 0 0 Updated Dec 1, 2025
  • www-project-web-security-testing-guide Public

    The Web Security Testing Guide (WSTG) Project produces the premier cybersecurity testing resource for web application developers and security professionals.

    OWASP/www-project-web-security-testing-guide’s past year of commit activity
    HTML 535 229 0 1 Updated Dec 1, 2025
  • wrongsecrets-ctf-party Public Forked from juice-shop/multi-juicer

    Run Capture the Flags and Security Trainings with OWASP WrongSecrets

    OWASP/wrongsecrets-ctf-party’s past year of commit activity
    JavaScript 52 Apache-2.0 170 7 (5 issues need help) 14 Updated Dec 1, 2025
  • www-chapter-italy Public

    OWASP Foundation Web Respository

    OWASP/www-chapter-italy’s past year of commit activity
    HTML 10 4 0 0 Updated Dec 1, 2025
  • maswe Public

    The Mobile Application Security Weakness Enumeration (MASWE) is a list of common security and privacy weaknesses in mobile apps. It is intended to be used as a reference for developers, security researchers, and security professionals. It acts as the bridge between the OWASP MASVS and the MASTG.

    OWASP/maswe’s past year of commit activity
    13 CC-BY-SA-4.0 8 1 9 Updated Dec 1, 2025
View all repositories