Skip to content
@OWASP

OWASP

The OWASP Foundation

Popular repositories Loading

  1. CheatSheetSeries CheatSheetSeries Public

    The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

    Python 31.1k 4.3k

  2. mastg mastg Public

    The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWA…

    JavaScript 12.7k 2.6k

  3. wstg wstg Public

    The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

    Dockerfile 8.7k 1.5k

  4. Go-SCP Go-SCP Public

    Golang Secure Coding Practices guide

    Go 5.2k 395

  5. Top10 Top10 Public

    Official OWASP Top 10 Document Repository

    HTML 5.1k 1k

  6. Nettacker Nettacker Public

    Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

    Python 4.8k 984

Repositories

Showing 10 of 1347 repositories
  • mastg Public

    The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.

    OWASP/mastg’s past year of commit activity
    JavaScript 12,664 CC-BY-SA-4.0 2,643 207 61 Updated Jan 17, 2026
  • threat-dragon Public

    An open source threat modeling tool from OWASP

    OWASP/threat-dragon’s past year of commit activity
    JavaScript 1,283 Apache-2.0 333 89 (6 issues need help) 1 Updated Jan 17, 2026
  • www-project-vulnerable-web-applications-directory Public

    The OWASP Vulnerable Web Applications Directory Project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.

    OWASP/www-project-vulnerable-web-applications-directory’s past year of commit activity
    JavaScript 74 CC-BY-SA-4.0 43 2 0 Updated Jan 17, 2026
  • wrongsecrets Public

    Vulnerable app with examples showing how to not use secrets

    OWASP/wrongsecrets’s past year of commit activity
    Java 1,388 AGPL-3.0 521 25 (9 issues need help) 15 Updated Jan 17, 2026
  • www-project-secure-by-design-framework Public

    OWASP Foundation web repository

    OWASP/www-project-secure-by-design-framework’s past year of commit activity
    HTML 6 2 0 2 Updated Jan 17, 2026
  • owasp.github.io Public

    OWASP Foundation main site repository

    OWASP/owasp.github.io’s past year of commit activity
    HTML 624 CC-BY-SA-4.0 305 2 1 Updated Jan 17, 2026
  • Nest Public

    Your gateway to OWASP. Discover, engage, and help shape the future!

    OWASP/Nest’s past year of commit activity
    Python 315 MIT 426 175 (3 issues need help) 52 Updated Jan 16, 2026
  • www-project-hactu8 Public

    OWASP Foundation web repository

    OWASP/www-project-hactu8’s past year of commit activity
    HTML 0 1 25 0 Updated Jan 16, 2026
  • Nettacker Public

    Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

    OWASP/Nettacker’s past year of commit activity
    Python 4,769 Apache-2.0 982 40 (1 issue needs help) 43 Updated Jan 16, 2026
  • OpenCRE Public
    OWASP/OpenCRE’s past year of commit activity
    Python 137 CC0-1.0 66 92 (6 issues need help) 44 Updated Jan 16, 2026
View all repositories