Your gateway to OWASP. Discover, engage, and help shape the future!

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWA…

Run Capture the Flags and Security Trainings with OWASP WrongSecrets

OWASP Foundation Web Respository

OWASP Foundation Web Respository

Vulnerable app with examples showing how to not use secrets

DIY Alexa

The Swiss Army Container for Cloud Native Security. Container with all the list of useful tools/commands while hacking and securing Containers, Kubernetes Clusters, and Cloud Native workloads.

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

Frida Boot 👢- A binary instrumentation workshop, with Frida, for beginners!

SEDATED® Project (Sensitive Enterprise Data Analyzer To Eliminate Disclosure)

🔒 Swift Obfuscator that protects iOS apps against reverse engineering attacks.

OWASP Foundation Web Repository

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

A big list of Android Hackerone disclosed reports and other resources.

Ansible for DevOps examples.

OWASP iGoat - A Learning Tool for iOS App Pentesting and Security by Swaroop Yermalkar

Content for OWASP Summit 2017 site

Automatic SQL injection and database takeover tool

The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.