OWASP

All

1.3k repositories

www-project-smart-contract-top-10
Public
OWASP Smart Contract Top 10
HTML
•
Other
•24•68•0•0•Updated Feb 18, 2026Feb 18, 2026
threat-dragon
Public
An open source threat modeling tool from OWASP
owasp threat-modeling sdlc threat-dragon owasp-threat-dragon
JavaScript
•
Apache License 2.0
•347•1.3k•84•3•Updated Feb 18, 2026Feb 18, 2026
www-community
Public
OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.
owasp appsec community-project
HTML
•812•1.3k•10•3•Updated Feb 18, 2026Feb 18, 2026
www-chapter-innsbruck
Public
OWASP Foundation web repository
HTML
•1•0•0•2•Updated Feb 18, 2026Feb 18, 2026
cornucopia
Public
The source files and tools needed to build the OWASP Cornucopia decks in various languages
cardgame games card-games owasp gamification gameserver threat-modeling appsec requirements-analysis
Python
•
Creative Commons Attribution Share Alike 4.0 International
•60•98•41•20•Updated Feb 18, 2026Feb 18, 2026
owasp.github.io
Public
OWASP Foundation main site repository
HTML
•
Creative Commons Attribution Share Alike 4.0 International
•309•630•2•1•Updated Feb 18, 2026Feb 18, 2026
Nest
Public
Your gateway to OWASP. Discover, engage, and help shape the future!
react python graphql django typescript rest nextjs gsoc tailwindcss typescript-react
Python
•
MIT License
•521•378•244•59•Updated Feb 18, 2026Feb 18, 2026
wrongsecrets-ctf-party
Public
Run Capture the Flags and Security Trainings with OWASP WrongSecrets
git docker kubernetes aws security ctf training-materials ctfd hacktoberfest
JavaScript
•
Apache License 2.0
•171•55•7•23•Updated Feb 18, 2026Feb 18, 2026
AISVS
Public
Creative Commons Attribution Share Alike 4.0 International
•31•53•5•3•Updated Feb 18, 2026Feb 18, 2026
www-project-web-security-testing-guide
Public
The Web Security Testing Guide (WSTG) Project produces the premier cybersecurity testing resource for web application developers and security professionals.
owasp owasp-website wstg
HTML
•237•558•0•1•Updated Feb 18, 2026Feb 18, 2026
wstg
Public
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
security guide best-practices hacking owasp penetration-testing application-security pentesting bugbounty appsec
Creative Commons Attribution Share Alike 4.0 International
•1.6k•8.9k•47•7•Updated Feb 18, 2026Feb 18, 2026
nest-sdk-typescript
Public
OWASP Nest API TypeScript SDK
TypeScript
•
MIT License
•2•0•0•0•Updated Feb 18, 2026Feb 18, 2026
nest-sdk-python
Public
OWASP Nest API Python SDK
Python
•
MIT License
•3•2•0•0•Updated Feb 18, 2026Feb 18, 2026
nest-sdk
Public
OWASP Nest API Go SDK
Go
•
MIT License
•3•0•0•1•Updated Feb 18, 2026Feb 18, 2026
CheatSheetSeries
Public
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
security code best-practices owasp application-security appsec cheatsheets
Python
•
Creative Commons Attribution Share Alike 4.0 International
•4.4k•31k•50•24•Updated Feb 17, 2026Feb 17, 2026
www-chapter-germany
Public
OWASP Foundation Web Respository
HTML
•29•18•0•1•Updated Feb 17, 2026Feb 17, 2026
mas-website
Public
The OWASP Mobile Application Security Project website is the central hub for industry-leading standards, guides, and resources—helping developers and security p…
TypeScript
•
Creative Commons Attribution Share Alike 4.0 International
•5•5•3•4•Updated Feb 17, 2026Feb 17, 2026
mastg
Public
The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes tech…
android ios static-analysis reverse-engineering hacking mobile-app android-application ios-app dynamic-analysis pentesting
Python
•
Creative Commons Attribution Share Alike 4.0 International
•2.7k•13k•191•57•Updated Feb 17, 2026Feb 17, 2026
www-project-secure-headers
Public
The OWASP Secure Headers Project
http security web owasp secure headers appsec
Python
•
Apache License 2.0
•44•186•1•0•Updated Feb 17, 2026Feb 17, 2026
wrongsecrets
Public
Vulnerable app with examples showing how to not use secrets
java docker kubernetes aws security vault azure gcp secrets owasp
Java
•
GNU Affero General Public License v3.0
•526•1.4k•25•16•Updated Feb 17, 2026Feb 17, 2026
www-chapter-saitama
Public
OWASP Foundation Web Respository
HTML
•2•3•5•0•Updated Feb 17, 2026Feb 17, 2026
www-chapter-augsburg
Public
OWASP Foundation Web Respository
HTML
•1•2•0•2•Updated Feb 16, 2026Feb 16, 2026
www-project-agent-memory-guard
Public
OWASP Foundation web repository
HTML
•
Other
•0•0•0•0•Updated Feb 16, 2026Feb 16, 2026
www-event-appsecil
Public
SCSS
•14•1•1•1•Updated Feb 16, 2026Feb 16, 2026
Nettacker
Public
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
python security automation scanner bruteforce owasp penetration-testing pentesting recon cve
Python
•
Apache License 2.0
•996•4.8k•43•66•Updated Feb 16, 2026Feb 16, 2026
www-project-ai-security-and-privacy-guide
Public
OWASP Foundation Web Respository
HTML
•93•350•9•5•Updated Feb 16, 2026Feb 16, 2026
www-chapter-london
Public
OWASP Foundation Web Respository
HTML
•58•11•0•0•Updated Feb 16, 2026Feb 16, 2026
www-chapter-taiwan
Public
OWASP Foundation Web Respository
HTML
•4•2•0•2•Updated Feb 16, 2026Feb 16, 2026
crAPI
Public
completely ridiculous API (crAPI)
api owasp hacktoberfest apisecurity
Java
•
Apache License 2.0
•516•1.4k•28•20•Updated Feb 15, 2026Feb 15, 2026
www-project-promptme
Public
PromptMe is an educational project that showcases security vulnerabilities in large language models (LLMs) and their web integrations. It includes 10 hands-on c…
owasp vulnerable-application owasp-top-10 ai-security llm prompt-injection llm-security
Python
•
Apache License 2.0
•3•18•1•0•Updated Feb 15, 2026Feb 15, 2026