Application Security Verification Standard
☆3,345Updated this week
Alternatives and similar repositories for ASVS
Users that are interested in ASVS are comparing it to the libraries listed below
Sorting:
- The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.☆8,863Updated this week
- SAMM stands for Software Assurance Maturity Model.☆398May 17, 2022Updated 3 years ago
- The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.☆2,334Dec 22, 2025Updated 2 months ago
- The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topic…☆31,397Feb 18, 2026Updated last week
- Official OWASP Top 10 Document Repository☆5,285Jan 6, 2026Updated last month
- Security Knowledge Framework (SKF) Python Flask / Angular project☆827Mar 12, 2024Updated last year
- Open-Source Unified Vulnerability Management, DevSecOps & ASPM☆4,532Updated this week
- Web and mobile application security training platform☆1,425Feb 10, 2026Updated 2 weeks ago
- OWASP API Security Project☆2,244Jan 1, 2026Updated last month
- The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse enginee…☆12,736Updated this week
- An open source threat modeling tool from OWASP☆1,331Updated this week
- This repo is no longer in use. Please refer to https://github.com/OWASP/www-project-vulnerable-web-applications-directory☆883Dec 15, 2025Updated 2 months ago
- threatspec - continuous threat modeling, through code☆379Dec 30, 2020Updated 5 years ago
- Software Component Verification Standard (SCVS)☆155Apr 1, 2025Updated 10 months ago
- A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for …☆1,716Aug 2, 2024Updated last year
- OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependen…☆7,441Feb 20, 2026Updated last week
- In-depth attack surface mapping and asset discovery☆14,159Updated this week
- Application Security Automation☆527Sep 5, 2023Updated 2 years ago
- The ZAP by Checkmarx Core project☆14,796Updated this week
- A Pythonic framework for threat modeling☆1,108Updated this week
- Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp…☆3,623Updated this week
- Multi-Cloud Security Auditing Tool☆7,551Sep 23, 2025Updated 5 months ago
- Getting a handle on container security☆675Dec 4, 2023Updated 2 years ago
- ☆124Nov 8, 2023Updated 2 years ago
- Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.o…☆1,925Feb 16, 2026Updated last week
- A list of public penetration test reports published by several consulting firms and academic security groups.☆9,372Nov 24, 2025Updated 3 months ago
- An authoritative list of awesome devsecops tools with the help from community experiments and contributions.☆5,321May 11, 2024Updated last year
- This project is about creating and publishing threat model examples.☆428Nov 10, 2021Updated 4 years ago
- OWASP ASVS checklist for audits☆214Jan 5, 2024Updated 2 years ago
- Agile Threat Modeling Toolkit☆725Nov 20, 2025Updated 3 months ago
- A simple web app that helps developers understand the ASVS requirements. Now supporting ASVS 5.0☆163Nov 25, 2025Updated 3 months ago
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.☆5,073Updated this week
- OWASP Juice Shop: Probably the most modern and sophisticated insecure web application☆12,576Updated this week
- A Continuous Threat Modeling methodology☆324Jun 24, 2022Updated 3 years ago
- The OWASP Developer Guide☆2,142Feb 5, 2026Updated 3 weeks ago
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆14,193Feb 20, 2026Updated last week
- An open source, online threat modelling tool from OWASP☆484Jul 18, 2025Updated 7 months ago
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more☆32,280Updated this week
- SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in …☆69,062Updated this week