The OWASP Benchmark Project is a Java test suite designed to verify the speed and accuracy of vulnerability detection tools. The initial version is intended to support Static Analysis Security Testing Tools (SAST). A future release will support Dynamic Analysis Security Testing Tools (DAST), like <a href="https://www.owasp.org/index.php/ZAP">OWASP ZAP</a>, and Interactive Analysis Security Testing Tools (IAST). The goal is that this test application is fully runnable and all the vulnerabilities are actually exploitable so its a fair test for any kind of application vulnerability detection tool.
0 commit comments