OWASP iGoat - A Learning Tool for iOS App Pentesting and Security by Swaroop Yermalkar

IoTGoat is a deliberately insecure firmware created to educate software developers and security professionals with testing commonly found vulnerabilities in IoT devices.

WebGoat is a deliberately insecure application

OWASP Foundation Web Respository

Dragon-GPT uses Chat-GPT, or local LLM, to execute automatic and AI-powered threat modeling analysis on a given OWASP Threat Dragon diagram.

Security Champions Playbook v 2.1

OWASP Foundation Web Respository

OWASP Foundation Web Respository

OWASP Foundation Web Respository

GitHub action to generate a CycloneDX SBOM for Node.js

📦 GitHub Action for creating GitHub Releases

Top level project - includes wiki, github-pages and issues

OWASP Foundation Web Respository

OWASP Project Developer Guide - Document and Project Web pages

The OWASP Guide

The Secure Coding Practices Quick-reference Guide from OWASP

OWASP Foundation Project Web Repository for Secure Coding Practices Quick-reference Guide

The Open Threat Modeling Format (OTM) defines a platform independent way to define the threat model of any system.

OWASP Threat Dragon website

The ZAP core project

🚀 JavaScript diagramming library that uses SVG and HTML for rendering.

Scripts and Web Application for folk music tune transcription and recognition

Documenting your Threat Models with HCL

An attempt at creating a unifying Threat Model Definition Language using a declarative syntax with cuelang

OWASP Community Pages are a place where OWASP can accept community contributions for security-related content.

Utility scripts bash/groovy

An open source, online threat modelling tool from OWASP

Location of the slides presented during the OWASP PDX AppSec presentation on 19 May 2021

Draw.io libraries for threat modeling diagrams