Repositories list

• Nest

  Public
  Your gateway to OWASP. Discover, engage, and help shape the future!

  reactpythongraphql+ 11kubernetesdjangotypescriptrestnextjsk8sgsoc+ 4

  Python

  •

  MIT License

  •188•155•87•24•Updated Aug 10, 2025Aug 10, 2025

• cornucopia

  Public
  The source files and tools needed to build the OWASP Cornucopia decks in various languages

  cardgamegamescard-games+ 6owaspgamificationgameserverthreat-modelingappsecrequirements-analysis

  Python

  •

  Other

  •30•76•28•1•Updated Aug 10, 2025Aug 10, 2025

• nest-schema

  Public
  OWASP Schema

  pythonschemajson-schema+ 4owaspmkdocsyaml-schemaowasp-nest

  Python

  •

  MIT License

  •3•0•0•1•Updated Aug 10, 2025Aug 10, 2025

• www-chapter-coimbatore

  Public
  OWASP Coimbatore's Web & Project Repository

  owaspapplication-securityinformation-security+ 1coimbatore

  HTML

  •25•11•0•0•Updated Aug 10, 2025Aug 10, 2025

• www-project-top-10-for-large-language-model-applications

  Public
  OWASP Top 10 for Large Language Model Apps (Part of the GenAI Security Project)

  aiappsecllm+ 1llm-security

  TeX

  •

  Other

  •226•846•2•10•Updated Aug 10, 2025Aug 10, 2025

• wrongsecrets-ctf-party

  Public
  Run Capture the Flags and Security Trainings with OWASP WrongSecrets

  gitdockerkubernetes+ 6awssecurityctftraining-materialsctfdhacktoberfest

  JavaScript

  •

  Apache License 2.0

  •152•50•8•7•Updated Aug 10, 2025Aug 10, 2025

• www-chapter-logrono

  Public
  OWASP Foundation Web Respository

  HTML

  •1•0•0•0•Updated Aug 10, 2025Aug 10, 2025

• www-chapter-dhaka

  Public
  OWASP Foundation Web Respository

  HTML

  •4•2•0•3•Updated Aug 10, 2025Aug 10, 2025

• owasp.github.io

  Public
  OWASP Foundation main site repository

  HTML

  •

  Creative Commons Attribution Share Alike 4.0 International

  •290•599•13•1•Updated Aug 10, 2025Aug 10, 2025

• www-community

  Public
  OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.

  appseccommunity-projectowasp

  HTML

  •754•1.2k•14•3•Updated Aug 10, 2025Aug 10, 2025

• www-project-secure-headers

  Public
  The OWASP Secure Headers Project

  httpsecurityweb+ 4owaspsecureheadersappsec

  Python

  •

  Apache License 2.0

  •44•167•1•0•Updated Aug 10, 2025Aug 10, 2025

• www-chapter-frankfurt

  Public
  OWASP Foundation Web Respository

  HTML

  •1•3•0•1•Updated Aug 9, 2025Aug 9, 2025

• Nettacker

  Public
  Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

  pythonsecurityautomation+ 17scannerbruteforceowasppenetration-testingpentestingreconcve+ 10

  Python

  •

  Apache License 2.0

  •896•4.4k•26•22•Updated Aug 9, 2025Aug 9, 2025

• mas-website

  Public
  The OWASP Mobile Application Security Project website is the central hub for industry-leading standards, guides, and resources—helping developers and security professionals build, test, and secure mobile applications.

  Shell

  •

  Creative Commons Attribution Share Alike 4.0 International

  •1•0•2•0•Updated Aug 9, 2025Aug 9, 2025

• crAPI

  Public
  completely ridiculous API (crAPI)

  apiowasphacktoberfest+ 1apisecurity

  Java

  •

  Apache License 2.0

  •441•1.3k•35•12•Updated Aug 9, 2025Aug 9, 2025

• wrongsecrets

  Public
  Vulnerable app with examples showing how to not use secrets

  javadockerkubernetes+ 16awssecurityvaultazuregcpsecretsowasp+ 9

  Java

  •

  GNU Affero General Public License v3.0

  •465•1.3k•27•9•Updated Aug 9, 2025Aug 9, 2025

• www-chapter-ottawa

  Public
  OWASP Foundation Web Respository for the Ottawa Ontario Chapter

  owaspappsecwebappsec+ 2itsecurityitsec

  HTML

  •9•3•0•0•Updated Aug 9, 2025Aug 9, 2025

• www-chapter-cotonou

  Public
  OWASP Foundation Web Respository

  HTML

  •2•2•0•1•Updated Aug 8, 2025Aug 8, 2025

• secure-coding-practices-quick-reference-guide

  Public
  The Secure Coding Practices Quick-reference Guide from OWASP

  securityowaspcoding

  Creative Commons Attribution Share Alike 4.0 International

  •8•38•0•0•Updated Aug 8, 2025Aug 8, 2025

• CheatSheetSeries

  Public
  The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

  securitycodebest-practices+ 4application-securityappseccheatsheetsowasp

  Python

  •

  Creative Commons Attribution Share Alike 4.0 International

  •4.2k•30k•38•8•Updated Aug 8, 2025Aug 8, 2025

• SecureCodingDojo

  Public
  The Secure Coding Dojo is a platform for delivering secure coding knowledge.

  secure-codingtraining-portalowasp

  PHP

  •

  Apache License 2.0

  •148•584•12•4•Updated Aug 7, 2025Aug 7, 2025

• QRLJacking

  Public
  QRLJacking or Quick Response Code Login Jacking is a simple-but-nasty attack vector affecting all the applications that relays on “Login with QR code” feature as a secure way to login into accounts which aims for hijacking users session by attackers.

  Python

  •

  GNU General Public License v3.0

  •644•1.4k•69•2•Updated Aug 7, 2025Aug 7, 2025

• DevGuide

  Public
  The OWASP Developer Guide

  owaspowasp-developer-guide

  Creative Commons Attribution Share Alike 4.0 International

  •395•2.1k•15•0•Updated Aug 7, 2025Aug 7, 2025

• www-project-ai-security-and-privacy-guide

  Public
  OWASP Foundation Web Respository

  HTML

  •67•289•8•12•Updated Aug 7, 2025Aug 7, 2025

• www-project-proactive-controls

  Public
  OWASP Foundation Web Respository

  Shell

  •

  Creative Commons Attribution Share Alike 4.0 International

  •75•147•5•1•Updated Aug 7, 2025Aug 7, 2025

• www-project-operational-technology-top-10

  Public
  OWASP Foundation web repository

  HTML

  •

  Creative Commons Attribution Share Alike 4.0 International

  •9•12•6•2•Updated Aug 7, 2025Aug 7, 2025

• wrongsecrets-binaries

  Public
  Source code for the Binaries of OWASP WrongSecrets

  hacktoberfest

  C

  •

  GNU Affero General Public License v3.0

  •6•11•3•2•Updated Aug 7, 2025Aug 7, 2025

• threat-dragon

  Public
  An open source threat modeling tool from OWASP

  owaspthreat-modelingsdlc+ 2threat-dragonowasp-threat-dragon

  JavaScript

  •

  Apache License 2.0

  •304•1.2k•85•3•Updated Aug 7, 2025Aug 7, 2025

• www-board

  Public
  HTML

  •13•5•0•0•Updated Aug 7, 2025Aug 7, 2025

• wstg

  Public
  The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

  application-securitypentestingbugbounty+ 8appsechacktoberfestsecurityguidebest-practiceshackingowasp+ 1

  Dockerfile

  •

  Creative Commons Attribution Share Alike 4.0 International

  •1.5k•8.2k•54•2•Updated Aug 6, 2025Aug 6, 2025