OWASP

All

1.3k repositories

Nest
Public
Your gateway to OWASP. Discover, engage, and help shape the future!
react python graphql django typescript rest nextjs gsoc tailwindcss typescript-react
Python
•
MIT License
•532•382•232•54•Updated Feb 22, 2026Feb 22, 2026
www-project-top-10-for-large-language-model-applications
Public
OWASP Top 10 for Large Language Model Apps (Part of the GenAI Security Project)
ai appsec llm llm-security
Python
•
Other
•287•1.1k•6•29•Updated Feb 22, 2026Feb 22, 2026
www-project-vulnerable-web-applications-directory
Public
The OWASP Vulnerable Web Applications Directory Project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currentl…
owasp appsec webappsec vulnerable-web-app vulnerable-web-application vulnerable-applications
JavaScript
•
Creative Commons Attribution Share Alike 4.0 International
•44•80•1•0•Updated Feb 22, 2026Feb 22, 2026
nest-sdk-typescript
Public
OWASP Nest API TypeScript SDK
TypeScript
•
MIT License
•2•0•0•1•Updated Feb 22, 2026Feb 22, 2026
nest-sdk-python
Public
OWASP Nest API Python SDK
Python
•
MIT License
•3•2•0•1•Updated Feb 22, 2026Feb 22, 2026
www-project-secure-headers
Public
The OWASP Secure Headers Project
http security web owasp secure headers appsec
Python
•
Apache License 2.0
•44•186•1•0•Updated Feb 22, 2026Feb 22, 2026
cornucopia
Public
The source files and tools needed to build the OWASP Cornucopia decks in various languages
cardgame games card-games owasp gamification gameserver threat-modeling appsec requirements-analysis
Python
•
Creative Commons Attribution Share Alike 4.0 International
•65•109•41•16•Updated Feb 22, 2026Feb 22, 2026
nest-sdk
Public
OWASP Nest API Go SDK
Go
•
MIT License
•3•0•0•1•Updated Feb 22, 2026Feb 22, 2026
www-community
Public
OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.
owasp appsec community-project
HTML
•814•1.3k•10•3•Updated Feb 21, 2026Feb 21, 2026
mastg
Public
The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes tech…
android ios static-analysis reverse-engineering hacking mobile-app android-application ios-app dynamic-analysis pentesting
Python
•
Creative Commons Attribution Share Alike 4.0 International
•2.7k•13k•192•58•Updated Feb 21, 2026Feb 21, 2026
www-board
Public
HTML
•13•6•0•0•Updated Feb 21, 2026Feb 21, 2026
www-project-ai-security-and-privacy-guide
Public
OWASP Foundation Web Respository
HTML
•93•352•9•5•Updated Feb 21, 2026Feb 21, 2026
owasp.github.io
Public
OWASP Foundation main site repository
HTML
•
Creative Commons Attribution Share Alike 4.0 International
•311•629•2•1•Updated Feb 21, 2026Feb 21, 2026
wrongsecrets
Public
Vulnerable app with examples showing how to not use secrets
java docker kubernetes aws security vault azure gcp secrets owasp
Java
•
GNU Affero General Public License v3.0
•527•1.4k•25•16•Updated Feb 21, 2026Feb 21, 2026
german-owasp-day
Public
German OWASP Day conference site & presentation archive
HTML
•17•24•3•1•Updated Feb 21, 2026Feb 21, 2026
mas-website
Public
The OWASP Mobile Application Security Project website is the central hub for industry-leading standards, guides, and resources—helping developers and security p…
TypeScript
•
Creative Commons Attribution Share Alike 4.0 International
•5•5•3•4•Updated Feb 21, 2026Feb 21, 2026
www-chapter-italy
Public
OWASP Foundation Web Respository
HTML
•4•10•0•0•Updated Feb 21, 2026Feb 21, 2026
www-chapter-kanpur
Public
OWASP Foundation Web Respository
HTML
•1•0•0•0•Updated Feb 21, 2026Feb 21, 2026
www-chapter-gaurella
Public
OWASP Foundation web repository
HTML
•0•0•0•0•Updated Feb 21, 2026Feb 21, 2026
wrongsecrets-ctf-party
Public
Run Capture the Flags and Security Trainings with OWASP WrongSecrets
git docker kubernetes aws security ctf training-materials ctfd hacktoberfest
JavaScript
•
Apache License 2.0
•172•55•7•23•Updated Feb 21, 2026Feb 21, 2026
nest-schema
Public
OWASP Schema
python schema json-schema owasp mkdocs yaml-schema owasp-nest
Python
•
MIT License
•9•6•366•0•Updated Feb 21, 2026Feb 21, 2026
Honeypot-Project
Public
Python
•31•103•3•0•Updated Feb 21, 2026Feb 21, 2026
www-project-eks-goat
Public
OWASP EKS Goat is a deliberately vulnerable EKS cluster environment to explore AWS cloud-native security through hands-on attack and defense labs with walkthrou…
hacking owasp cloud-native aws-security cloudsecurity devsecops redteam docker-security eks redteam-infrastructure
Shell
•
GNU General Public License v3.0
•52•40•0•0•Updated Feb 20, 2026Feb 20, 2026
www-chapter-netherlands
Public
OWASP Foundation Web Respository
HTML
•5•6•1•1•Updated Feb 20, 2026Feb 20, 2026
threat-dragon
Public
An open source threat modeling tool from OWASP
owasp threat-modeling sdlc threat-dragon owasp-threat-dragon
JavaScript
•
Apache License 2.0
•348•1.3k•83•5•Updated Feb 20, 2026Feb 20, 2026
www-chapter-santa-barbara
Public
OWASP Foundation Web Respository
HTML
•4•1•0•0•Updated Feb 20, 2026Feb 20, 2026
www-project-ai-testing-guide
Public
OWASP Foundation web repository
Python
•
Other
•124•648•2•4•Updated Feb 19, 2026Feb 19, 2026
www-project-web-security-testing-guide
Public
The Web Security Testing Guide (WSTG) Project produces the premier cybersecurity testing resource for web application developers and security professionals.
owasp owasp-website wstg
HTML
•237•559•0•1•Updated Feb 19, 2026Feb 19, 2026
AISVS
Public
Creative Commons Attribution Share Alike 4.0 International
•31•55•5•2•Updated Feb 19, 2026Feb 19, 2026
ASVS
Public
Application Security Verification Standard
HTML
•
Creative Commons Attribution Share Alike 4.0 International
•796•3.3k•83•7•Updated Feb 19, 2026Feb 19, 2026