Repositories list

• cornucopia

  Public
  The source files and tools needed to build the OWASP Cornucopia decks in various languages

  cardcard-gamegamification+ 1threat-modeling

  Python

  •

  Other

  •24•48•6•4•Updated Feb 7, 2025Feb 7, 2025

• threat-dragon

  Public
  An open source threat modeling tool from OWASP

  owaspthreat-modelingsdlc+ 2threat-dragonowasp-threat-dragon

  JavaScript

  •

  Apache License 2.0

  •270•1k•73•3•Updated Feb 7, 2025Feb 7, 2025

• Nest

  Public
  Your gateway to OWASP. Discover, engage, and help shape the future!

  reactpythongraphql+ 11kubernetesdjangotypescriptrestdjango-rest-frameworkk8sgsoc+ 4

  Python

  •

  MIT License

  •54•34•54•18•Updated Feb 7, 2025Feb 7, 2025

• www-project-threat-dragon

  Public
  OWASP Foundation Threat Dragon Project Web Repository

  security-toolsowaspappsec

  HTML

  •

  Apache License 2.0

  •28•74•4•1•Updated Feb 7, 2025Feb 7, 2025

• www-project-ai-security-and-privacy-guide

  Public
  OWASP Foundation Web Respository

  HTML

  •57•232•6•3•Updated Feb 7, 2025Feb 7, 2025

• owasp.github.io

  Public
  OWASP Foundation main site repository

  HTML

  •

  Creative Commons Attribution Share Alike 4.0 International

  •273•558•11•7•Updated Feb 7, 2025Feb 7, 2025

• www-community

  Public
  OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.

  appseccommunity-projectowasp

  HTML

  •708•1.2k•10•1•Updated Feb 7, 2025Feb 7, 2025

• www-chapter-oshawa

  Public
  OWASP Foundation web repository

  HTML

  •0•0•0•0•Updated Feb 7, 2025Feb 7, 2025

• www-project-top-10-for-large-language-model-applications

  Public
  OWASP Foundation Web Respository

  TeX

  •

  Other

  •161•644•24•3•Updated Feb 7, 2025Feb 7, 2025

• www-chapter-istanbul

  Public
  OWASP Foundation Web Respository

  HTML

  •4•0•0•1•Updated Feb 7, 2025Feb 7, 2025

• www-chapter-juiz-de-fora

  Public
  OWASP Foundation web repository

  HTML

  •0•0•0•0•Updated Feb 7, 2025Feb 7, 2025

• www-chapter-japan

  Public
  OWASP Foundation Web Respository

  HTML

  •12•211•0•0•Updated Feb 7, 2025Feb 7, 2025

• www-chapter-denver

  Public
  OWASP Foundation Web Respository

  HTML

  •3•1•0•0•Updated Feb 7, 2025Feb 7, 2025

• www-chapter-salvador

  Public
  OWASP Foundation web repository

  HTML

  •0•0•0•0•Updated Feb 7, 2025Feb 7, 2025

• www-chapter-lisboa

  Public
  OWASP Foundation Web Respository

  HTML

  •3•5•0•0•Updated Feb 6, 2025Feb 6, 2025

• crAPI

  Public
  completely ridiculous API (crAPI)

  apiowasphacktoberfest+ 1apisecurity

  Java

  •

  Apache License 2.0

  •370•1.2k•34•21•Updated Feb 6, 2025Feb 6, 2025

• owasp-mastg

  Public
  The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).

  static-analysisandroid-applicationios-app+ 16dynamic-analysispentestingmobile-securitynetwork-analysismastreverse-enginneringruntime-analysis+ 9

  Python

  •

  Creative Commons Attribution Share Alike 4.0 International

  •2.4k•12k•310•31•Updated Feb 6, 2025Feb 6, 2025

• www-event-appsecil

  Public
  SCSS

  •11•1•0•0•Updated Feb 6, 2025Feb 6, 2025

• www-chapter-manipal-institute-of-technology

  Public
  OWASP Foundation Web Respository

  HTML

  •0•0•0•0•Updated Feb 6, 2025Feb 6, 2025

• ASVS

  Public
  Application Security Verification Standard

  HTML

  •

  Creative Commons Attribution Share Alike 4.0 International

  •680•2.8k•66•3•Updated Feb 6, 2025Feb 6, 2025

• Nettacker

  Public
  Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

  pythonsecurityautomation+ 17scannerbruteforceowasppenetration-testingpentestingreconcve+ 10

  Python

  •

  Apache License 2.0

  •813•3.8k•24•13•Updated Feb 6, 2025Feb 6, 2025

• www-project-secure-headers

  Public
  The OWASP Secure Headers Project

  httpsecurityweb+ 4owaspsecureheadersappsec

  Python

  •

  Apache License 2.0

  •40•146•1•0•Updated Feb 6, 2025Feb 6, 2025

• www-project-developer-guide

  Public
  OWASP Project Developer Guide - Document and Project Web pages

  owaspowasp-developer-guide

  HTML

  •

  Creative Commons Attribution Share Alike 4.0 International

  •26•104•12•1•Updated Feb 6, 2025Feb 6, 2025

• www-project-non-human-identities-top-10

  Public
  OWASP Non-Human Identities Top 10

  HTML

  •

  Other

  •15•22•2•3•Updated Feb 6, 2025Feb 6, 2025

• open-sammy

  Public
  Open SAMMY codebase

  PHP

  •

  Creative Commons Attribution Share Alike 4.0 International

  •0•2•0•7•Updated Feb 6, 2025Feb 6, 2025

• wrongsecrets

  Public
  Vulnerable app with examples showing how to not use secrets

  javadockerkubernetes+ 16awssecurityvaultazuregcpsecretsowasp+ 9

  Java

  •

  GNU Affero General Public License v3.0

  •393•1.3k•24•2•Updated Feb 6, 2025Feb 6, 2025

• www-chapter-harrisburg

  Public
  OWASP Foundation Web Respository

  HTML

  •2•0•0•0•Updated Feb 6, 2025Feb 6, 2025

• wrongsecrets-ctf-party

  Public
  Run Capture the Flags and Security Trainings with OWASP WrongSecrets

  gitdockerkubernetes+ 6awssecurityctftraining-materialsctfdhacktoberfest

  JavaScript

  •

  Apache License 2.0

  •138•43•8•8•Updated Feb 5, 2025Feb 5, 2025

• www-project-prodsecman

  Public
  OWASP Foundation web repository

  HTML

  •

  Other

  •0•0•0•0•Updated Feb 5, 2025Feb 5, 2025

• www-chapter-germany

  Public
  OWASP Foundation Web Respository

  HTML

  •27•18•0•0•Updated Feb 5, 2025Feb 5, 2025