OWASP Snakes and Ladders is an educational project. It uses gamification to promote awareness of application security controls and risks, and in particular knowledge of other OWASP documents and tools. In the board game for web applications (Print-ready PDFs), the virtuous behaviors (ladders) are secure coding practices (from OWASP Proactive Controls project 2014-2016) and the […]

Read More →

The OWASP Mobile Security Testing Guide (MSTG) is the ultimate guide for mobile app security testing and reverse engineering. The MSTG is a comprehensive manual for testing the security of mobile apps. It describes technical processes for verifying the controls listed in the OWASP Mobile Application Verification Standard (MASVS). The MSTG provides a baseline set […]

Read More →

OWASP Juice Shop is an intentionally insecure webapp for security trainings written entirely in Javascript which encompasses the entire OWASP Top Ten and other severe security flaws. Juice Shop is written in Node.js, Express and AngularJS. The application contains more than 30 challenges of varying difficulty where the user is supposed to exploit the underlying […]

Read More →

The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Their mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks. An OWASP project is a collection of related tasks that have […]

Read More →