Category:OWASP Project Proof

An OWASP project is a collection of related tasks that have a defined roadmap and team members. OWASP project leaders are responsible for defining the vision, roadmap, and tasks for the project. The project leader also promotes the project and builds the team.

Proposing a new project
To propose a new project, please send an email to owasp@owasp.org. Each project should have a roadmap page that details the current set of tasks and rough schedule. The page should be named "OWASP XXX Project Roadmap"

Release Quality Projects

 * OWASP AppSec FAQ Project - an FAQ covering many application security topics
 * OWASP Guide Project - a massive document covering all aspects of web application and web service security
 * OWASP .NET Project - a project focused on helping .NET developers build secure applications
 * OWASP Legal Project - a project focused on contracting for secure software
 * OWASP Top Ten Project - an awareness document that describes the top ten web application security vulnerabilities
 * OWASP WebGoat Project - an online training environment for hands-on learning about application security
 * OWASP WebScarab Project - a tool for performing all types of security testing on web applications and web services

OWASP Tool Labs (beta)

 * OWASP CAL9000 Project - a JavaScript based web application security testing suite
 * OWASP CLASP Project - a project focused on defining process elements that reinforce application security
 * OWASP LAPSE Project - an Eclipse-based source static analysis tool for Java
 * OWASP Sprajax Project - an open source black box security scanner used to assess the security of AJAX-enabled applications
 * OWASP SQLiX Project - a project focused on the development of SQLiX, a full perl-based SQL scanner
 * OWASP Pantera Web Assessment Studio Project - a project focused on combining automated capabilities with complete manual testing to get the best results
 * OWASP Live CD Project - a CD containing ready to use versions of application security analysis and testing tools
 * OWASP Orizon Project - a project focused on the development of a flexible code review engine

OWASP Document Labs (beta)

 * OWASP AJAX Security Guide - investigating the security of AJAX enabled applications
 * OWASP Application Security Assessment Standards Project - establish a set of standards defining baseline approaches to conducting differing types/levels of application security assessment
 * OWASP Application Security Metrics Project - identify and provide a set of application security metrics that have been found by contributors to be effective in measuring application security
 * OWASP Code Review Project - a new project to capture best practices for reviewing code
 * OWASP Honeycomb Project - a comprehensive and integrated guide to the fundamental building blocks of application security
 * OWASP Java Project - a project focused on helping Java and J2EE developers build secure applications
 * OWASP PHP Project - a project focused on helping PHP developers build secure applications
 * OWASP Testing Guide - a project focused on application security testing procedures and checklists
 * OWASP Validation Project - a project that provides guidance and tools related to validation

OWASP Archive (stalled)

 * OWASP Logging Guide - a project to define best practices for logging and log management
 * OWASP Risk Management Project - a new project focused on processes for managing application security risk
 * OWASP WASS Project - a standards project to develop more concrete criteria for secure applications

OWASP Project Mailing Lists