Top #owasp Tools & Software

CheatSheetSeries

github

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

juice-shop

github

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

wstg

github

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

awesome-appsec

github

A curated list of resources for learning about application security

awesome-web-hacking

github

A list of web application security

WhatWeb

github

Next generation web scanner

Nettacker

github

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

django-DefectDojo

github

Open-Source Unified Vulnerability Management, DevSecOps & ASPM

dependency-track

github

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

bluemonday

github

bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS

coreruleset

github

OWASP CRS (Official Repository)

awesome-nodejs-security

github

Awesome Node.js Security resources

Astra

github

Automated Security Testing For REST API's

bearer

github

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

find-sec-bugs

github

The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

masvs

github

The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.

API-Security

github

OWASP API Security Project