OWASP repositories

cornucopia

Public

The source files and tools needed to build the OWASP Cornucopia decks in various languages

cardgame games card-games

cardgame games card-games owasp gamification gameserver threat-modeling appsec requirements-analysis

Python

•

Creative Commons Attribution Share Alike 4.0 International

•92•123•41•20•Updated

Apr 14, 2026

mas-website

Public

The OWASP Mobile Application Security Project website is the central hub for industry-leading standards, guides, and resources—helping developers and security p…

TypeScript

•

Creative Commons Attribution Share Alike 4.0 International

•7•6•5•5•Updated

Apr 14, 2026

CheatSheetSeries

Public

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

security code best-practices

security code best-practices owasp application-security appsec cheatsheets

Python

•

Creative Commons Attribution Share Alike 4.0 International

•4.4k•32k•33•19•Updated

Apr 14, 2026

mastg

Public

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes tech…

android ios static-analysis

android ios static-analysis reverse-engineering hacking mobile-app android-application ios-app dynamic-analysis pentesting

Python

•

Creative Commons Attribution Share Alike 4.0 International

•2.7k•13k•189•52•Updated

Apr 14, 2026

www-project-automated-threats-to-web-applications

Public

OWASP Foundation Web Respository

HTML

•21•76•4•1•Updated

Apr 14, 2026

wstg

Public

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

security guide best-practices

security guide best-practices hacking owasp penetration-testing application-security pentesting bugbounty appsec

Creative Commons Attribution Share Alike 4.0 International

•1.6k•9.1k•37•8•Updated

Apr 14, 2026

AISVS

Public

The AI Security Verification Standard (AISVS) focuses on providing developers, architects, and security professionals with a structured checklist to verify the …

aisecurity

Creative Commons Attribution Share Alike 4.0 International

•58•124•13•3•Updated

Apr 14, 2026

threat-dragon

Public

An open source threat modeling tool from OWASP

owasp threat-modeling sdlc

owasp threat-modeling sdlc threat-dragon owasp-threat-dragon

JavaScript

•

Apache License 2.0

•361•1.4k•89•6•Updated

Apr 14, 2026

www-project-mcp-top-10

Public

OWASP Foundation web repository

HTML

•

Other

•20•57•12•5•Updated

Apr 14, 2026

www-chapter-germany

Public

OWASP Foundation Web Respository

HTML

•28•19•0•1•Updated

Apr 14, 2026

Nest

Public

Your gateway to OWASP. Discover, engage, and help shape the future!

react python graphql

react python graphql django typescript rest nextjs gsoc tailwindcss typescript-react

Python

•

MIT License

•633•411•271•69•Updated

Apr 14, 2026

owasp.github.io

Public

OWASP Foundation main site repository

HTML

•

Creative Commons Attribution Share Alike 4.0 International

•314•643•4•2•Updated

Apr 14, 2026

Nettacker

Public

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

python security automation

python security automation scanner bruteforce owasp penetration-testing pentesting recon cve

Python

•

Apache License 2.0

•1.1k•5k•77•140•Updated

Apr 14, 2026

www-chapter-augsburg

Public

OWASP Foundation Web Respository

HTML

•1•2•0•2•Updated

Apr 13, 2026

wrongsecrets-ctf-party

Public

Run Capture the Flags and Security Trainings with OWASP WrongSecrets

git docker kubernetes

git docker kubernetes aws security ctf training-materials ctfd hacktoberfest

JavaScript

•

Apache License 2.0

•173•55•6•10•Updated

Apr 13, 2026

pytm

Public

A Pythonic framework for threat modeling

diagram dataflow threat-modeling

diagram dataflow threat-modeling threats sequence-diagram secure-development data-flow-diagram dfd pythonic-framework threat-modeling-from-code

Python

•

Other

•217•1.1k•48•20•Updated

Apr 13, 2026

www-chapter-helsinki

Public

OWASP Foundation Web Respository

HTML

•3•0•0•1•Updated

Apr 13, 2026

www--site-theme

Public

Contains owasp site theme specific items (headers, footers, json, menus)

HTML

•31•9•2•2•Updated

Apr 13, 2026

www-chapter-saitama

Public

OWASP Foundation Web Respository

HTML

•2•3•5•0•Updated

Apr 13, 2026

www-project-docksec

Public

OWASP Foundation web repository

Python

•

MIT License

•1•0•0•14•Updated

Apr 13, 2026

www-chapter-seoul

Public

OWASP Foundation Web Respository

HTML

•7•12•0•0•Updated

Apr 13, 2026

OWASP-VWAD

Public

:warning: This repo is no longer in use. Please refer to https://github.com/OWASP/www-project-vulnerable-web-applications-directory

owasp vulnerable appsec

owasp vulnerable appsec vulnerable-web-app vulnerable-web-application

Apache License 2.0

•221•881•0•0•Updated

Apr 13, 2026

www-project-vulnerableapp

Public

OWASP Foundation Web Respository for VulnerableApp project. Project's codebase Repository: https://github.com/SasanLabs/VulnerableApp

Ruby

•10•13•0•2•Updated

Apr 13, 2026

www-project-agentic-skills-top-10

Public

OWASP Foundation web repository

HTML

•

Other

•13•47•4•1•Updated

Apr 12, 2026

www-community

Public

OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.

owasp appsec community-project

HTML

•822•1.3k•10•7•Updated

Apr 12, 2026

www-project-secure-headers

Public

The OWASP Secure Headers Project

http security web

http security web owasp secure headers appsec

Python

•

Apache License 2.0

•45•192•1•0•Updated

Apr 12, 2026

OpenCRE

Public

security security-audit standards

Python

•

Creative Commons Zero v1.0 Universal

•116•150•89•73•Updated

Apr 11, 2026

www-project-cve-assessment-guide

Public

OWASP Foundation web repository

HTML

•

Other

•0•0•0•0•Updated

Apr 11, 2026

www-project-web-security-testing-guide

Public

The Web Security Testing Guide (WSTG) Project produces the premier cybersecurity testing resource for web application developers and security professionals.

owasp owasp-website wstg

HTML

•245•571•0•0•Updated

Apr 11, 2026

www-project-vulnerable-web-applications-directory

Public

The OWASP Vulnerable Web Applications Directory Project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currentl…

owasp appsec webappsec

owasp appsec webappsec vulnerable-web-app vulnerable-web-application vulnerable-applications

HTML

•

Creative Commons Attribution Share Alike 4.0 International

•46•86•0•0•Updated

Apr 11, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

OWASP

All

All

1.4k repositories

cornucopia

mas-website

CheatSheetSeries

mastg

www-project-automated-threats-to-web-applications

wstg

AISVS

threat-dragon

www-project-mcp-top-10

www-chapter-germany

Nest

owasp.github.io

Nettacker

www-chapter-augsburg

wrongsecrets-ctf-party

pytm

www-chapter-helsinki

www--site-theme

www-chapter-saitama

www-project-docksec

www-chapter-seoul

OWASP-VWAD

www-project-vulnerableapp

www-project-agentic-skills-top-10

www-community

www-project-secure-headers

OpenCRE

www-project-cve-assessment-guide

www-project-web-security-testing-guide

www-project-vulnerable-web-applications-directory

All

All

Repositories list

1.4k repositories