Tag Archives: OWASP

Find Security Bugs – SpotBugs plugin for Java

Find Security Bugs is a well-known plugin for security audits of Java web applications. the tool have a large list of rules to identify security

Threat Dragon – Online Threat Modelling Tool from OWASP

Threat Dragon is a free, open-source, cross-platform threat modelling application including system diagramming and a threat rule engine

Dependency-Check – Software Composition Analysis Tool

Dependency-Check is a Software Composition Analysis (SCA) tool that attempts to detect publicly disclosed vulnerabilities contained within a project

WebGoat – A Deliberately Insecure Web Application

WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. This program is a demonstration

Graudit – Static Source Code Scanning Tool

graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility grep.

Multi-juicer – Run Capture the Flags with OWASP Juice Shop

Multi-juicer is a framework to Run Capture the Flags with OWASP Juice Shop. Running CTFs and Security Trainings with OWASP Juice Shop

OWASP Mutillidae II – Another Vulnerable Web-application

OWASP Mutillidae II is a free, open source, deliberately vulnerable web-application providing a target for web-security enthusiast.