OWASP® is a nonprofit foundation that improves the security of software

The Open Web Application Security Project® (OWASP) is a nonprofit foundation that works to improve the security of software. Through community-led open-source software projects, hundreds of local chapters worldwide, tens of thousands of members, and leading educational and training conferences, the OWASP Foundation is the source for developers and technologists to secure the web.

  • Tools and Resources
  • Community and Networking
  • Education & Training For nearly two decades corporations, foundations, developers, and volunteers have supported the OWASP Foundation and its work. Donate, Join, or become a Corporate Member today.
lightbulb_outline View ideas list


  • python
  • javascript
  • c/c++
  • golang


  • Security
  • application security
  • cybersecurity
  • top 10
  • pentesting
comment IRC Channel
mail_outline Contact email

OWASP Foundation 2021 Projects

  • ricekot
    Adding Out-of-band Application Testing (OAST) Support to ZAP
    OAST stands for Out-of-band Application Security Testing and is used to detect Out-Of-Band (OOB) vulnerabilities, which is not possible to do with a...
  • ankit2001
    Bug Logging Tool
    Bugs or Issues are the vulnerabilities that you find on Websites or Applications when you expect some functionalities to occur but something else...
  • Shaik Ajmal R
    Building a Web Application Firewall that uses Machine Learning .
    The primary goal of my idea is to implement a WAF which uses Machine Learning to detect anomalies in web traffic. The proposed idea Since the...
  • Kaushik Sivashankar
    Dark Web Exploration (for Cyber Threat Analysis) And Expansion of Data Sources
    Primary objective is to design a smart dark web crawler, capable of mapping the darkest crevices of the dark web. Secondary objectives are to expand...
  • Aniket Bhat
    DefectDojo Modern UI
    Modern User Experience For OWASP DefectDojo With this proposal, I intend to shed light on the various areas which can be improved to better the user...
  • Ayas Behera
    Extending the features of the vulnerable code snippets
    In this project two new types of coding challenges for the vulnerable code snippets will be added, one for identifying the vulnerable lines in the...
    General Improvements
    My project mainly deals with all the small but essential enhancements which are stated in the GitHub issues section. These are what I have...
  • Divyansh Jain
    GSOC proposal for Nettacker
    Nettacker is tool which can scan and find vulnerability from the target. This have numerous modules, like recent Microsoft Exchange vulnerability...
  • Pranav Saxena
    Implement Retest Functionality
    ZAP is a great tool to detect vulnerabilities of different kinds in web applications and generate alerts accordingly. However, it currently lacks a...
  • gupt4j1
    Improvements In WebUI for Nettacker
    The current version of OWASP Nettacker needs some improvement in WebUI. I will make some changes to each page of the WebUI/API to make it look...
  • Mrigank Anand
    Improvise Python Honeypot
    Migrate database from mongodb to ElasticSearch to use grafana dashboard along with the python honeypot web interface. Make REST API's compatible with...
  • amanpro30
    Login/Signup Implementation
    The current web application of OWTF has no login/signup implementation. Through this project, I want to work on developing the login and signup...
  • Aman V. Singh
    SecureTea - Improvement in Features
    SecureTea Project provides a one-stop security solution for various devices, I would like to contribute the following features to the Project to make...
  • Diego Porras
    SKF support for interactive vulnerability fixing.
    To expand SFK labs impact I propose, inspired by the project authors, the addition of a component that allows the user to visualize the source code...