The Open Web Application Security Project (OWASP) is a 501c3 not-for-profit worldwide charitable organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.
OWASP Application Fuzzing Framework Project- Project Leader: Marek Zmyslowski. The framework will be used to fuzz applications in the Windows environment. It will have a couple of modules. Two main modules will be for ile fuzzing and dll fuzzing. A very wide configuration will allow for many fuzzing possibilities.
OWASP Security JDIs Project- Project Leader: Edwin Aldridge. This project aims to build a library of concise, actionable, technology specific instructions detailing good practice on avoiding or closing specific vulnerabilities. This will be a Security HOWTOs for people who may not have time to study a problem in depth but need to secure their application. OWASP Top 10 Fuer Entwickler- Project Leader: Torsten Gigler The Top 10 Fuer Entwickler (Top 10 Developer Edition in German) The objectives of the project is to add Good Practices (like the Cheat Sheets) to the OWASP Top 10. Its aim is to bridge the gap between awareness and theoretical knowledge, to effective know-how for the purpose of building good programs. It is written in German to amke it easier for German developers to use it. We will take care to make a migration to other languages easy.
OWASP Rails Goat Project- Project Leader: Ken Johnson This is a Rails application which is vulnerable to the OWASP Top 10. It is intended to show how each of these categories of vulnerabilities can manifest themselves in a Rails-specific way as well as provide the subsequent mitigations for each.
OWASP Code Review Table of Contents is now live! We are currently still recruiting authors that can assist with section development, writing, and editing of the Code Review Guide. This is an excellent opportunity to work on a high profile OWASP Flagship project. Applicants are encouraged to choose to contribute to either a section or the entire chapter. Authors should be knowledgeable about the sections they choose. For more information on the OWASP Code Review Guide, please visit the Project Webpage.
Thank you to the following Companies who have renewed their memberships:
Do you have some news? Submit your item to appear in the next connector HERE
AppSec USA 2013 will be OWASP's biggest event and fundraiser ever! Join 2000+ attendees for over 50 sessions across 3 tracks to learn about the latest and greatest in software security in the heart of NYC.
Register now and save 50%
The first 200 tickets are available until May 15th for the low price of $445. Visit http://appsecusa.org to register for the event and save on your early hotel reservation. this is an extraordinary rate to experience an amazing OWASP and NYC event. In addition to the conference talks, you will have opportunities to practice lockpicking, compete in the CTF, discuss OWASP Projects, look for a new career opportunity, and shop around with all the latest and greatest security vendors.
Want to share your knowledge with the world?
Call for Training and Call for Papers is now open! Learn more about our selection committee and submit your proposals at http://appsecusa.org
The OWASP Foundation would not exist without the thousands of volunteers who donate their time, talent, and treasure to support our mission! We join with countries around the world to recognize and say thank you to our many volunteers