Owasp
Browse 304 owasp tools
FEATURED
ImmuniWeb MobileSuite is a mobile application penetration testing platform that combines AI-powered automation with manual security testing to assess mobile apps and their backend infrastructure for security vulnerabilities and compliance requirements.
WAF and L7 DoS protection for modern apps and APIs in DevOps environments
API discovery, security, governance & lifecycle mgmt platform for enterprises
DAST platform for web app & API vulnerability scanning with AI-enabled features
Unified API security platform for discovery, risk assessment, and mitigation
Cloud-based DAST solution for web app & API security with AI-powered scanning
SaaS-based WAF for protecting web apps across multi-cloud, on-prem & edge
AI-powered AppSec platform for DAST, IAST, API security with auto-remediation
WAF protecting web apps and APIs from OWASP Top 10, bots, and DDoS attacks
IAST solution for automated web app security testing in DevOps pipelines
Free WAF protecting web applications against OWASP Top 10 attacks
Web app and API protection platform with WAF, bot, DDoS, and API security
Platform for API & app security with discovery, testing, and protection
DAST solution for web apps and APIs with automated scanning capabilities
API security platform for discovery, testing, and protection of APIs
AI-powered cloud WAF with DDoS protection, bot management, and rate limiting
BlackWidow is a Python-based web application scanner that combines OSINT gathering with automated fuzzing to identify OWASP vulnerabilities in target websites.
Insider is an open-source CLI tool that performs static source code analysis to detect OWASP Top 10 vulnerabilities across multiple programming languages including Java, Kotlin, Swift, .NET, C#, and JavaScript.
WebGoat is an OWASP-maintained deliberately insecure web application designed to teach web application security through hands-on exercises with intentional vulnerabilities.
The best security training environment for Developers and AppSec Professionals.
Bearer CLI is a static application security testing tool that scans source code across multiple programming languages to identify and prioritize OWASP Top 10 and CWE Top 25 security vulnerabilities through data flow analysis.
A presentation about the OWASP Top 10, a list of the most critical security risks to web applications.
A Node.js CLI tool that automates the setup of CTF events using OWASP Juice Shop challenges across multiple CTF frameworks.
