OWASP, The Open Web Application Security Project.

The OWASP Foundation came online on December 1st 2001 it was established as a not-for-profit charitable organization in the United States on April 21, 2004 to ensure the ongoing availability and support for our work at OWASP. OWASP is an international organization and the OWASP Foundation supports OWASP efforts around the world. OWASP is an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security. We advocate approaching application security as a people, process, and technology problem because the most effective approaches to application security include improvements in all of these areas. We can be found at www.owasp.org.

OWASP is a new kind of organization. Our freedom from commercial pressures allows us to provide unbiased, practical, cost-effective information about application security. OWASP is not affiliated with any technology company, although we support the informed use of commercial security technology. Similar to many open-source software projects, OWASP produces many types of materials in a collaborative and open way. The OWASP Foundation is a not-for-profit entity that ensures the project's long-term success

lightbulb_outline View ideas list


  • java
  • net
  • ruby
  • javascript
  • python


  • Security
  • application security
  • cloud security
  • mobile security
email Mailing list
mail_outline Contact email

OWASP Foundation 2018 Projects

  • M. Kajan
    Authentication helper add-on for ZAP
    ZAP allows the penetration tester to set up authentication for the web application being tested. This allows ZAP to run tests from the point of an...
  • S Rahul Badami-1
    Bug Logging Tool
    BLT lets anyone report issues they find on the internet. It gives points to users for reporting bugs .But it lacks mobile portability that is the app...
  • Shaddy Garg
    General Improvements and Bug Fixes for OWASP-Nettacker
    OWASP Nettacker is a project that automatically gathers information, scans network for vulnerabilities and eventually generates a report for...
  • Shoeb Patel
    OWASP Juice Shop : Challenge Pack 2018
    This project will involve designing and implementing new vulnerable features and challenges around them which will successfully show how...
  • Aashish Singh
    OWASP Juice Shop : Frontend Technology Update
    Juice shop uses AngularJS for it's frontend along with Bootstrap. Keeping the application up to date with the latest technologies is important to...
  • Priyanka Jain
    OWASP SKF - New user experience based on chat bots
    Security Knowledge Framework (SKF) is a tool that is used as a guide for building and verifying secure software.It can also be used to train...
  • Pradeep Jairamani
    Owasp-Nettacker Enhancements
    OWASP-Nettacker currently is a project with less functionality compared to other network penetration testing tools like Nmap, Nessus. In this...
  • Emmanouil Kirtas
    WebSockets Active Scanning
    For my contribution to the ZAP I am going to implement an active web socket scan. Specifically, I will develop an extension for WebSocket add-on by...