Owasp
Showing 18 of 18 projects
A free, open-source web application security scanner for finding vulnerabilities during development and testing.
Performs in-depth attack surface mapping and external asset discovery using open source intelligence and active reconnaissance.
Performs in-depth attack surface mapping and external asset discovery using open source intelligence and active reconnaissance.
A comprehensive manual for mobile app security testing and reverse engineering, aligned with OWASP MASVS and MASWE.
A curated list of books, articles, websites, and tools for learning application security across multiple programming languages.
A curated list of books, articles, websites, and tools for learning application security across multiple programming languages.
A curated list of resources for learning and practicing web application security, including tools, books, courses, and vulnerable labs.
A next-generation web scanner that identifies websites and their technologies using over 1800 plugins with configurable aggression levels.
An automated penetration testing tool that detects and exploits command injection vulnerabilities in web applications.
A curated collection of security conference talks and videos from events like DEF CON, Black Hat, and BSides.
A scanner that detects JavaScript libraries with known vulnerabilities and can generate a Software Bill of Materials (SBOM).
A fast, configurable HTML sanitizer for Go that scrubs user-generated content of XSS attacks using an allowlist policy.
An open-source, enterprise-grade Web Application Firewall library written in Go, compatible with ModSecurity SecLang rulesets.
An automated security testing framework for REST APIs that detects vulnerabilities like SQL injection, XSS, and CSRF.
A SpotBugs plugin for detecting security vulnerabilities in Java web and Android applications.
The OWASP Mobile Application Security Verification Standard (MASVS) is the industry standard for mobile app security.
A community-driven checklist of security precautions for Ruby on Rails applications to minimize vulnerabilities.
A curated list of threat modeling resources including books, courses, videos, tools, tutorials, and examples for learning and practicing threat modeling.
Related Tags
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.