Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

Open-Source Unified Vulnerability Management, DevSecOps & ASPM

OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.

vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.

Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking

OWASP Foundation Web Respository

The Web Security Testing Guide (WSTG) Project produces the premier cybersecurity testing resource for web application developers and security professionals.

A living document for penetration testing and offensive security.

A community-driven OWASP Foundation project building open-source tools for vulnerability reporting, bug tracking, security automation & contributor engagement.

Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation

A simple web app that helps developers understand the ASVS requirements. Now supporting ASVS 5.0

🧮 An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessment

I love to teach dotnet concepts in a simple way with real world examples to people who aspire to to be a dotnet developer. I also help developers to refresh their memory with easy to understand analogy.

OWASP Code Review Guide Web Repository

OWASP Project Developer Guide - Document and Project Web pages

OWASP Zed Attack Proxy project landing page.

Sunshine - SBOM visualization tool

OWASP Machine Learning Security Top 10 Project

OWASP Foundation Threat Dragon Project Web Repository

The OWASP Vulnerable Web Applications Directory Project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.