OWASP OWTF Logo

OWASP OWTF

0
Free
Updated 11 March 2025
Offensive Security
Penetration Testing
Security Testing
Owasp
Security Standards
Pentesting
Visit Website

OWASP OWTF is a project focused on penetration testing efficiency and alignment of security tests to security standards like the OWASP Testing Guide (v3 and v4), the OWASP Top 10, PTES and NIST. Pentesters can have more time to see the big picture, think out of the box, find, verify, and combine vulnerabilities, investigate complex vulnerabilities, perform more tactical fuzzing, and demonstrate true impact despite short timeframes. The tool is highly configurable, allowing anyone to create simple plugins or add new tests without development experience. However, understanding and experience are required to correctly interpret tool output and decide what to investigate further.

FEATURES

EXPLORE BY TAGS

Penetration Testing

Security Testing

Owasp

Security Standards

Pentesting

SIMILAR TOOLS

DET (extensible) Data Exfiltration Toolkit Logo
DET (extensible) Data Exfiltration Toolkit

DET (extensible) Data Exfiltration Toolkit is a proof of concept tool for performing Data Exfiltration using multiple channels simultaneously.

Free
Offensive Security
Any Run Logo
Any Run

Interactive online malware sandbox for real-time analysis and threat intelligence

Free
Offensive Security
SprayingToolkit Logo
SprayingToolkit

A collection of Python scripts for password spraying attacks against Lync/S4B & OWA, featuring Atomizer, Vaporizer, Aerosol, and Spindrift tools.

Free
Offensive Security
PwnAuth Logo
PwnAuth

PwnAuth is an open-source tool for generating and managing authentication tokens for penetration testing and red teaming exercises.

Free
Offensive Security
Kali Logo
Kali

Kali Linux is a specialized Linux distribution for cybersecurity professionals, focusing on penetration testing and security auditing.

Free
Offensive Security
Shadow Workers Logo
Shadow Workers

A free and open source C2 and proxy for penetration testers

Free
Offensive Security
onemillion Logo
onemillion

Check if a domain is in the Alexa or Cisco top one million domain list.

Free
Offensive Security
SILENTTRINITY Logo
SILENTTRINITY

Modern, asynchronous, multiplayer & multiserver C2/post-exploitation framework with Python 3 and .NETs DLR.

Free
Offensive Security
DDE attack with PowerShell Empire Logo
DDE attack with PowerShell Empire

Weaponize Word documents with PowerShell Empire using the Microsoft DDE exploit.

Free
Offensive Security

PINNED

Mandos Logo

Mandos

Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Consulting
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security
CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved

LINKS
BlogContact
LEGAL
Terms of servicesPrivacy policy