Repositories list

• wrongsecrets-ctf-party

  Public

  OWASP/wrongsecrets-ctf-party’s past year of commit activity
  Run Capture the Flags and Security Trainings with OWASP WrongSecrets

  gitdockerkubernetes+ 6

  gitdockerkubernetesawssecurityctftraining-materialsctfdhacktoberfest

  JavaScript

  •

  Apache License 2.0

  •173173 forks•5555 stars•66 issues•1111 pull requests•Updated Apr 21, 2026Apr 21, 2026

• mas-website

  Public

  OWASP/mas-website’s past year of commit activity
  The OWASP Mobile Application Security Project website is the central hub for industry-leading standards, guides, and resources—helping developers and security p…

  TypeScript

  •

  Creative Commons Attribution Share Alike 4.0 International

  •77 forks•66 stars•55 issues•55 pull requests•Updated Apr 21, 2026Apr 21, 2026

• wrongsecrets

  Public
  Vulnerable app with examples showing how to not use secrets

  javadockerkubernetes+ 16

  javadockerkubernetesawssecurityvaultazuregcpsecretsowasp+ 9

  Java

  •

  GNU Affero General Public License v3.0

  •549549 forks•1.4k1.4k stars•2424 issues•77 pull requests•Updated Apr 21, 2026Apr 21, 2026

• www-project-wrongsecrets

  Public
  OWASP Foundation Web Respository

  HTML

  •44 forks•2121 stars•00 issues•00 pull requests•Updated Apr 21, 2026Apr 21, 2026

• owasp.github.io

  Public
  OWASP Foundation main site repository

  HTML

  •

  Creative Commons Attribution Share Alike 4.0 International

  •314314 forks•643643 stars•44 issues•11 pull request•Updated Apr 21, 2026Apr 21, 2026

• www-chapter-saitama

  Public

  OWASP/www-chapter-saitama’s past year of commit activity
  OWASP Foundation Web Respository

  HTML

  •22 forks•33 stars•44 issues•00 pull requests•Updated Apr 21, 2026Apr 21, 2026

• pysap

  Public

  OWASP/pysap’s past year of commit activity
  pysap is an open source Python library that provides modules for crafting and sending packets using SAP's NI, Diag, Enqueue, Router, MS, SNC, IGS, RFC and HDB p…

  pythonsapscapy+ 1

  pythonsapscapycbas

  Python

  •

  GNU General Public License v2.0

  •6666 forks•246246 stars•33 issues•11 pull request•Updated Apr 20, 2026Apr 20, 2026

• wstg

  Public
  The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

  securityguidebest-practices+ 8

  securityguidebest-practiceshackingowasppenetration-testingapplication-securitypentestingbugbountyappsec+ 1

  Creative Commons Attribution Share Alike 4.0 International

  •1.6k1.6k forks•9.1k9.1k stars•3737 issues•88 pull requests•Updated Apr 20, 2026Apr 20, 2026

• AI-Vulnerabilities-Playground

  Public

  OWASP/AI-Vulnerabilities-Playground’s past year of commit activity
  MIT License

  •00 forks•00 stars•00 issues•00 pull requests•Updated Apr 20, 2026Apr 20, 2026

• threat-dragon

  Public
  An open source threat modeling tool from OWASP

  owaspthreat-modelingsdlc+ 2

  owaspthreat-modelingsdlcthreat-dragonowasp-threat-dragon

  JavaScript

  •

  Apache License 2.0

  •364364 forks•1.4k1.4k stars•100100 issues•1616 pull requests•Updated Apr 20, 2026Apr 20, 2026

• APTS

  Public

  OWASP/APTS’s past year of commit activity
  OWASP Autonomous Penetration Testing Standard

  HTML

  •

  Other

  •2424 forks•143143 stars•00 issues•55 pull requests•Updated Apr 20, 2026Apr 20, 2026

• Vulnerable-AI-Factory

  Public

  OWASP/Vulnerable-AI-Factory’s past year of commit activity
  MIT License

  •00 forks•00 stars•00 issues•00 pull requests•Updated Apr 20, 2026Apr 20, 2026

• PwnzzAI

  Public

  OWASP/PwnzzAI’s past year of commit activity
  GNU General Public License v3.0

  •00 forks•11 star•00 issues•00 pull requests•Updated Apr 20, 2026Apr 20, 2026

• cornucopia

  Public
  The source files and tools needed to build the OWASP Cornucopia decks in various languages

  cardgamegamescard-games+ 6

  cardgamegamescard-gamesowaspgamificationgameserverthreat-modelingappsecrequirements-analysis

  Python

  •

  Creative Commons Attribution Share Alike 4.0 International

  •9494 forks•124124 stars•4747 issues•2222 pull requests•Updated Apr 20, 2026Apr 20, 2026

• www-project-automated-threats-to-web-applications

  Public

  OWASP/www-project-automated-threats-to-web-applications’s past year of commit activity
  OWASP Foundation Web Respository

  HTML

  •2121 forks•7676 stars•11 issue•11 pull request•Updated Apr 20, 2026Apr 20, 2026

• AISVS

  Public

  OWASP/AISVS’s past year of commit activity
  The AI Security Verification Standard (AISVS) focuses on providing developers, architects, and security professionals with a structured checklist to verify the …

  aisecurity

  aisecurity

  Creative Commons Attribution Share Alike 4.0 International

  •6161 forks•128128 stars•1212 issues•33 pull requests•Updated Apr 20, 2026Apr 20, 2026

• OpenCRE

  Public

  OWASP/OpenCRE’s past year of commit activity
  securitysecurity-auditstandards

  securitysecurity-auditstandards

  Python

  •

  Creative Commons Zero v1.0 Universal

  •116116 forks•151151 stars•9292 issues•7575 pull requests•Updated Apr 20, 2026Apr 20, 2026

• mastg

  Public

  OWASP/mastg’s past year of commit activity
  The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes tech…

  androidiosstatic-analysis+ 16

  androidiosstatic-analysisreverse-engineeringhackingmobile-appandroid-applicationios-appdynamic-analysispentesting+ 9

  Python

  •

  Creative Commons Attribution Share Alike 4.0 International

  •2.7k2.7k forks•13k13k stars•191191 issues•5252 pull requests•Updated Apr 20, 2026Apr 20, 2026

• www-project-ai-security-and-privacy-guide

  Public

  OWASP/www-project-ai-security-and-privacy-guide’s past year of commit activity
  OWASP Foundation Web Respository

  HTML

  •9696 forks•377377 stars•1010 issues•44 pull requests•Updated Apr 20, 2026Apr 20, 2026

• german-owasp-day

  Public
  German OWASP Day conference site & presentation archive

  HTML

  •1717 forks•2424 stars•33 issues•11 pull request•Updated Apr 20, 2026Apr 20, 2026

• open-sammy

  Public
  Open SAMMY codebase

  PHP

  •

  Creative Commons Attribution Share Alike 4.0 International

  •1313 forks•2424 stars•22 issues•55 pull requests•Updated Apr 20, 2026Apr 20, 2026

• www-project-docksec

  Public

  OWASP/www-project-docksec’s past year of commit activity
  OWASP Foundation web repository

  Python

  •

  MIT License

  •11 fork•00 stars•00 issues•1414 pull requests•Updated Apr 20, 2026Apr 20, 2026

• www-chapter-london

  Public
  OWASP Foundation Web Respository

  HTML

  •5858 forks•1212 stars•00 issues•00 pull requests•Updated Apr 19, 2026Apr 19, 2026

• Nest

  Public
  Your gateway to OWASP. Discover, engage, and help shape the future!

  reactpythongraphql+ 10

  reactpythongraphqldjangotypescriptrestnextjsgsoctailwindcsstypescript-react+ 3

  Python

  •

  MIT License

  •632632 forks•412412 stars•275275 issues•7070 pull requests•Updated Apr 19, 2026Apr 19, 2026

• maswe

  Public

  OWASP/maswe’s past year of commit activity
  The Mobile Application Security Weakness Enumeration (MASWE) is a list of common security and privacy weaknesses in mobile apps. It is intended to be used as a …

  securityprivacymobile-app+ 4

  securityprivacymobile-appmobile-privacyowasp-mobileweaknessmaswe

  Creative Commons Attribution Share Alike 4.0 International

  •1616 forks•2525 stars•9595 issues•1111 pull requests•Updated Apr 19, 2026Apr 19, 2026

• www-project-secure-headers

  Public
  The OWASP Secure Headers Project

  httpsecurityweb+ 4

  httpsecuritywebowaspsecureheadersappsec

  Python

  •

  Apache License 2.0

  •4545 forks•194194 stars•11 issue•00 pull requests•Updated Apr 19, 2026Apr 19, 2026

• Nettacker

  Public
  Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

  pythonsecurityautomation+ 17

  pythonsecurityautomationscannerbruteforceowasppenetration-testingpentestingreconcve+ 10

  Python

  •

  Apache License 2.0

  •1.1k1.1k forks•5k5k stars•8080 issues•144144 pull requests•Updated Apr 18, 2026Apr 18, 2026

• www-project-vulnerable-ai-factory

  Public
  OWASP Foundation web repository

  HTML

  •

  Other

  •00 forks•00 stars•00 issues•00 pull requests•Updated Apr 18, 2026Apr 18, 2026

• www-project-operational-technology-top-10

  Public

  OWASP/www-project-operational-technology-top-10’s past year of commit activity
  OWASP Foundation web repository

  HTML

  •

  Creative Commons Attribution Share Alike 4.0 International

  •1111 forks•2323 stars•77 issues•22 pull requests•Updated Apr 18, 2026Apr 18, 2026

• www-project-vulnerability-management-guide

  Public

  OWASP/www-project-vulnerability-management-guide’s past year of commit activity
  OWASP Foundation Web Respository

  owaspcybersecurityvulnerability-management

  owaspcybersecurityvulnerability-management

  HTML

  •1010 forks•3232 stars•11 issue•22 pull requests•Updated Apr 17, 2026Apr 17, 2026