February 25, 2020

349 words 2 mins read

OWASP/wstg

OWASP/wstg

The OWASP Web Security Testing Guide includes a “best practice” penetration testing framework which users can implement in their own organizations and a “low level” penetration testing guide that describes techniques for testing most common web application and web service security issues.
repo name OWASP/wstg
repo link https://github.com/OWASP/wstg
homepage https://owasp.org/www-project-web-security-testing-guide/
language
size (curr.) 6453 kB
stars (curr.) 758
created 2017-05-14
license Creative Commons Attribution Share Alike 4.0 International

OWASP Web Security Testing Guide

Contributions Welcome OWASP Flagship Twitter Follow

Creative Commons License

Welcome to the official repository for the Open Web Application Security Project (OWASP) Web Security Testing Guide (WSTG). The WSTG is a comprehensive guide to testing the security of web applications and web services. Created by the collaborative efforts of security professionals and dedicated volunteers, the WSTG provides a framework of best practices used by penetration testers and organizations all over the world.

We are currently working on release version 5.0. You can read the current document here on GitHub.

For the last stable release, view the previous version 4.0.

Contributions, Feature Requests, and Feedback

We are actively inviting new contributors! To start, read the contribution guide.

This project is only possible thanks to the work of many dedicated volunteers. Everyone is encouraged to help in ways large and small. Here are a few ways you can help:

  • Read the current content and help us fix any spelling mistakes or grammatical errors.
  • Choose an existing issue and submit a pull request to fix it.
  • Open a new issue to report an opportunity for improvement.

To learn how to contribute successfully, read the contribution guide.

Successful contributors appear on the project’s list of authors, reviewers, or editors.

Chat With Us

We’re easy to find on Slack:

  1. Join the OWASP Group Slack with this invitation link.
  2. Join this project’s channel, #testing-guide.

Feel free to ask questions, suggest ideas, or share your best recipes.

You can @ us on Twitter @owasp_wstg.

You can also join our Google Group.

Project Leaders

Core Team

framework framework guide
comments powered by Disqus
alebcay/awesome-shell

alebcay/awesome-shell

February 21, 2020

A curated list of awesome command-line frameworks, toolkits, guides and gizmos. Inspired by awesome-php.
TypedProject/tsed

TypedProject/tsed

March 27, 2019

:triangular_ruler: A Node.js and TypeScript Framework on top of Express. It provides a lot of decorators and guidelines to write your code.
ExpDev07/coronavirus-tracker-api

ExpDev07/coronavirus-tracker-api

February 24, 2020

A simple and fast (< 200ms) API for tracking the global coronavirus (2019-nCoV) outbreak. It’s written in python using the Flask framework.
puzzlelib/PuzzleLib

puzzlelib/PuzzleLib

February 22, 2020

Deep Learning framework with NVIDIA & AMD support
MobSF/Mobile-Security-Framework-MobSF

MobSF/Mobile-Security-Framework-MobSF

February 16, 2020

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
RasaHQ/rasa

RasaHQ/rasa

February 12, 2020

Open source machine learning framework to automate text- and voice-based conversations: NLU, dialogue management, connect to Slack, Facebook, and more - Create chatbots and voice assistants
tensortrade-org/tensortrade

tensortrade-org/tensortrade

February 12, 2020

An open source reinforcement learning framework for training, evaluating, and deploying robust trading agents.
Gallopsled/pwntools

Gallopsled/pwntools

February 10, 2020

CTF framework and exploit development library
elimintz/justpy

elimintz/justpy

February 7, 2020

An object oriented high-level Python Web Framework that requires no frontend programming