Repositories list

• ASVS

  Public

  OWASP/ASVS’s past year of commit activity
  Application Security Verification Standard

  HTML

  •

  Creative Commons Attribution Share Alike 4.0 International

  •784•3.3k•80•7•Updated Dec 7, 2025Dec 7, 2025

• www-chapter-saitama

  Public

  OWASP/www-chapter-saitama’s past year of commit activity
  OWASP Foundation Web Respository

  HTML

  •1•2•1•0•Updated Dec 7, 2025Dec 7, 2025

• mas-website

  Public

  OWASP/mas-website’s past year of commit activity
  The OWASP Mobile Application Security Project website is the central hub for industry-leading standards, guides, and resources—helping developers and security professionals build, test, and secure mobile applications.

  Dockerfile

  •

  Creative Commons Attribution Share Alike 4.0 International

  •4•4•6•5•Updated Dec 7, 2025Dec 7, 2025

• mastg

  Public

  OWASP/mastg’s past year of commit activity
  The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.

  androidiosstatic-analysis+ 16reverse-engineeringhackingmobile-appandroid-applicationios-appdynamic-analysispentesting+ 9

  Shell

  •

  Creative Commons Attribution Share Alike 4.0 International

  •2.6k•13k•304•53•Updated Dec 7, 2025Dec 7, 2025

• www-chapter-kansai

  Public

  OWASP/www-chapter-kansai’s past year of commit activity
  OWASP Foundation Web Respository

  HTML

  •2•4•0•3•Updated Dec 7, 2025Dec 7, 2025

• railsgoat

  Public

  OWASP/railsgoat’s past year of commit activity
  A vulnerable version of Rails that follows the OWASP Top 10

  rubyrailssecurity+ 4ruby-on-railsvulnerabilitiesappsecowasp-top

  HTML

  •

  MIT License

  •772•902•23•4•Updated Dec 7, 2025Dec 7, 2025

• www-project-noir

  Public

  OWASP/www-project-noir’s past year of commit activity
  Attack surface detector that identifies endpoints by static analysis

  HTML

  •

  Other

  •3•5•0•0•Updated Dec 7, 2025Dec 7, 2025

• www-chapter-vancouver

  Public

  OWASP/www-chapter-vancouver’s past year of commit activity
  OWASP Foundation Web Respository

  Shell

  •7•1•0•2•Updated Dec 7, 2025Dec 7, 2025

• owasp.github.io

  Public

  OWASP/owasp.github.io’s past year of commit activity
  OWASP Foundation main site repository

  HTML

  •

  Creative Commons Attribution Share Alike 4.0 International

  •299•615•3•1•Updated Dec 7, 2025Dec 7, 2025

• www-project-secure-headers

  Public
  The OWASP Secure Headers Project

  httpsecurityweb+ 4owaspsecureheadersappsec

  Python

  •

  Apache License 2.0

  •44•177•2•0•Updated Dec 7, 2025Dec 7, 2025

• Nest

  Public

  OWASP/Nest’s past year of commit activity
  Your gateway to OWASP. Discover, engage, and help shape the future!

  reactpythongraphql+ 10djangotypescriptrestnextjsgsoctailwindcsstypescript-react+ 3

  Python

  •

  MIT License

  •323•250•114•35•Updated Dec 6, 2025Dec 6, 2025

• threat-dragon

  Public

  OWASP/threat-dragon’s past year of commit activity
  An open source threat modeling tool from OWASP

  owaspthreat-modelingsdlc+ 2threat-dragonowasp-threat-dragon

  JavaScript

  •

  Apache License 2.0

  •321•1.3k•93•6•Updated Dec 6, 2025Dec 6, 2025

• www-chapter-aarhus

  Public
  OWASP Foundation Web Respository

  CSS

  •3•5•0•0•Updated Dec 6, 2025Dec 6, 2025

• www-chapter-tirunelveli

  Public

  OWASP/www-chapter-tirunelveli’s past year of commit activity
  OWASP Foundation Web Respository

  owasp-tirunelveli

  HTML

  •2•2•0•0•Updated Dec 6, 2025Dec 6, 2025

• www-project-spvs

  Public

  OWASP/www-project-spvs’s past year of commit activity
  OWASP Foundation web repository

  HTML

  •

  Creative Commons Attribution Share Alike 4.0 International

  •6•47•0•0•Updated Dec 6, 2025Dec 6, 2025

• www-chapter-czech-republic

  Public
  OWASP Foundation Web Respository

  HTML

  •5•5•0•0•Updated Dec 6, 2025Dec 6, 2025

• www-chapter-kyiv

  Public
  OWASP Foundation Web Respository

  HTML

  •5•4•0•2•Updated Dec 6, 2025Dec 6, 2025

• www-project-automated-threats-to-web-applications

  Public
  OWASP Foundation Web Respository

  HTML

  •22•73•2•2•Updated Dec 6, 2025Dec 6, 2025

• CheatSheetSeries

  Public

  OWASP/CheatSheetSeries’s past year of commit activity
  The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

  securitycodebest-practices+ 4owaspapplication-securityappseccheatsheets

  Python

  •

  Creative Commons Attribution Share Alike 4.0 International

  •4.3k•31k•48•13•Updated Dec 6, 2025Dec 6, 2025

• Nettacker

  Public

  OWASP/Nettacker’s past year of commit activity
  Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

  pythonsecurityautomation+ 17scannerbruteforceowasppenetration-testingpentestingreconcve+ 10

  Python

  •

  Apache License 2.0

  •944•4.6k•29•29•Updated Dec 6, 2025Dec 6, 2025

• www-project-top-10-for-large-language-model-applications

  Public

  OWASP/www-project-top-10-for-large-language-model-applications’s past year of commit activity
  OWASP Top 10 for Large Language Model Apps (Part of the GenAI Security Project)

  aiappsecllm+ 1llm-security

  Python

  •

  Other

  •266•981•4•42•Updated Dec 6, 2025Dec 6, 2025

• cornucopia

  Public

  OWASP/cornucopia’s past year of commit activity
  The source files and tools needed to build the OWASP Cornucopia decks in various languages

  cardgamegamescard-games+ 6owaspgamificationgameserverthreat-modelingappsecrequirements-analysis

  Elixir

  •

  Creative Commons Attribution Share Alike 4.0 International

  •38•85•25•3•Updated Dec 6, 2025Dec 6, 2025

• wrongsecrets

  Public
  Vulnerable app with examples showing how to not use secrets

  javadockerkubernetes+ 16awssecurityvaultazuregcpsecretsowasp+ 9

  Java

  •

  GNU Affero General Public License v3.0

  •509•1.4k•24•17•Updated Dec 6, 2025Dec 6, 2025

• nest-schema

  Public

  OWASP/nest-schema’s past year of commit activity
  OWASP Schema

  pythonschemajson-schema+ 4owaspmkdocsyaml-schemaowasp-nest

  Python

  •

  MIT License

  •8•7•381•0•Updated Dec 6, 2025Dec 6, 2025

• Top10

  Public

  OWASP/Top10’s past year of commit activity
  Official OWASP Top 10 Document Repository

  HTML

  •

  Other

  •966•5k•8•29•Updated Dec 6, 2025Dec 6, 2025

• www-chapter-university-of-exeter

  Public

  OWASP/www-chapter-university-of-exeter’s past year of commit activity
  OWASP Foundation web repository

  HTML

  •0•0•0•0•Updated Dec 5, 2025Dec 5, 2025

• www-chapter-san-antonio

  Public
  OWASP Foundation Web Respository

  HTML

  •3•2•0•0•Updated Dec 5, 2025Dec 5, 2025

• www-project-cornucopia

  Public
  OWASP Foundation Web Respository

  HTML

  •11•28•0•0•Updated Dec 5, 2025Dec 5, 2025

• www-project-hactu8

  Public
  OWASP Foundation web repository

  HTML

  •

  Other

  •0•0•25•2•Updated Dec 5, 2025Dec 5, 2025

• www-chapter-porto

  Public
  OWASP Foundation Web Respository

  HTML

  •2•3•0•2•Updated Dec 5, 2025Dec 5, 2025