Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

Open-Source Unified Vulnerability Management, DevSecOps & ASPM

vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.

OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.

Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking

OWASP Foundation Web Respository

The Web Security Testing Guide (WSTG) Project produces the premier cybersecurity testing resource for web application developers and security professionals.

A living document for penetration testing and offensive security.

Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation

OWASP BLT - Bug Logging Tools

🧮 An online calculator to assess the risk of web vulnerabilities based on OWASP Risk Assessment

A simple web app that helps developers understand the ASVS requirements. Now supporting ASVS 5.0

I love to teach dotnet concepts in a simple way with real world examples to people who aspire to to be a dotnet developer. I also help developers to refresh their memory with easy to understand analogy.

OWASP Code Review Guide Web Repository

OWASP Project Developer Guide - Document and Project Web pages

OWASP Zed Attack Proxy project landing page.

OWASP Machine Learning Security Top 10 Project

Sunshine - SBOM visualization tool

OWASP Foundation Threat Dragon Project Web Repository

An open-source knowledge base of defensive countermeasures to protect AI/ML systems. Features interactive views and maps defenses to known threats from frameworks like MITRE ATLAS, MAESTRO, and OWASP.