OWASP, The Open Web Application Security Project.

OWASP is the Open Web Application Security Project. It is an open community dedicated to enabling organizations to develop, purchase, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security. We advocate approaching application security as a “people, process, and technology” problem, because the most effective approaches to application security include improvements in all of these areas.

lightbulb_outline View ideas list


  • python
  • java
  • javascript
  • php


  • Security
  • appsec
  • application security
  • secure development
  • sdlc
  • security
comment IRC Channel
email Mailing list
mail_outline Contact email

OWASP Foundation 2019 Projects

  • Tulja Vamshi Kiran
    Building a Web-based Honeypot & Reporting Threat Intelligence
    The objective is to build a web-based Honeypot project by identifying the emerging attacks against web applications and report them to the community,...
  • Albertor
    Improving and building Lab challenges and write-ups:
    This project I will work on during the GSOC consists on building many new Lab challenges for web app pentesting and clear and easy-to-follow...
  • Abhishek Sharma
    Laying down base architecture
    Laying down a strong foundation & base architecture for Intrusion detection & prevention system (IDS/IPS), intelligent log monitoring, antivirus that...
    OWASP Honeypot GSOC 2019
    OWASP Honeypot : The idea is to: -Test all the modules in the code (currently 4)and if there are bugs found to fix them. -After testing the...
  • Arpit Agrawal
    OWASP Juice Shop: Feature Pack 2019
    This project aims at enhancing the Juice Shop application by drawing inspiration from modern e-commerce companies and incorporating sublime features...
  • Mohit Sharma
    OWASP OWTF-Web Interface Enhancements
    The current web interface of OWTF is non-functional and some of its pages are not yet implemented. This project is about implementing a full...
  • Azhar Ahamed
    OWASP Risk Assessment Framework
    Building an API to stage the results of Static Application Security Testing (SAST) tools.
  • Junfan Huang
    OWASP Seraphimdroid
    OWASP Seraphimdroid has previously applied a system, based on permissions, which is able to distinguish malicious apps from non-malicious. But it...
  • HemantJ
    OWASP SKF – Enhancing user experience on chatbots
    Security Knowledge Framework (SKF) is intended to be a tool that is used as a guide for building and verifying secure software. It can also be used...
  • Saurabh kumar
    Scan2.0 and Writing Unittests for OWASP-Defectdojo
    DefectDojo is a security tool that automates application security vulnerability management. DefectDojo streamlines the application security testing...
  • Manos Kirtas
    WebSocket Scanning
    ZAP has good support for websockets, and allows them to be intercepted, changed and fuzzed. However, it doesn't currently support scanning, either...
  • propersam
    Writing Functional and Unit Tests For Defect-Dojo Tools and Modules
    OWASP DefectDojo is an open source vulnerability management tool and it's used as the backbone for security programs. It helps you keep proper record...