The Web Security Testing Guide (WSTG) Project produces the premier cybersecurity testing resource for web application developers and security professionals. The WSTG is a …

Web Application Vulnerability Scanners are automated tools that scan web applications, normally from the outside, to look for security vulnerabilities such as Cross-site scripting, SQL Injection, …

While web server fingerprinting is often encapsulated in automated testing tools, it is important for researchers to understand the fundamentals of how these tools attempt to identify software, …

Nov 19, 2025 · OWASP Foundation, the Open Source Foundation for Application Security on the main website for The OWASP Foundation. OWASP is a nonprofit foundation that works to …

Nov 6, 2025 · The OWASP Top 10 is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to …

WSTG - v4.2 on the main website for The OWASP Foundation. OWASP is a nonprofit foundation that works to improve the security of software.

The OWASP Mobile Application Security (MAS) flagship project provides a security standard for mobile apps (OWASP MASVS), a list of common security and privacy weaknesses specific to …

The Development Guide will show your project how to archi- tect and build a secure application, the Code Review Guide will tell you how to verify the security of your application’s source …

The OWASP DevSecOps Guideline project explains how to best implement a secure pipeline, using best practices and introducing automation tools to help 'shift-left' security issues.

The OWASP Mobile Application Security Testing Guide is a comprehensive manual for mobile application security testing and reverse engineering. It describes the technical processes used …