The OWASP Application Security Wiki is a comprehensive online resource that provides detailed information on various application security topics, including secure coding practices, secure development lifecycle, and threat modeling. It is a collaborative effort by the Open Web Application Security Project (OWASP) to provide a centralized repository of knowledge on application security. The wiki contains articles, tutorials, and guides on various aspects of application security, including secure coding practices, secure development lifecycle, threat modeling, and more. It is a valuable resource for developers, security professionals, and anyone interested in learning more about application security.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
All-in-one vulnerability intelligence platform for prioritizing remediation efforts and driving security strategies.
A Ruby script that scans networks for vulnerable third-party web applications and front-ends with known exploitable security flaws.
An AI-powered Google Dorking tool that helps create effective search queries to uncover sensitive information on the internet.
Simple script to check a domain's email protections and identify vulnerabilities.
Dnscan is a DNS reconnaissance tool that performs DNS scans, DNS cache snooping, and DNS amplification attack detection.
A fully customizable, offensive security reporting solution for pentesters, red teamers, and other security professionals.
A search engine for the Internet of Things (IoT) that provides real-time information about connected devices.
LeakIX is a red-team search engine that indexes mis-configurations and vulnerabilities online.
Automate your reconnaissance process with AttackSurfaceMapper, a tool for mapping and analyzing network attack surfaces.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.