OWASP (Open Web Application Security Project) is a global industry standard framework to develop and produce secure web applications. The OWASP framework includes both high level content (such as their annual report on the top 10 web vulnerabilities) and low-level tools for developers to automatically evaluate the security of their apps against known vulnerabilities.


Course Completion

  • Assess the security of web applications using best-practice OWASP tools
  • Explain the details of common exploits and assess whether systems are exposed to them or not
  • Understand a development processes for creating secure web applications


  • Zed Attack Proxy (web app vulnerability scanner)
  • Web Testing Environment Project
  • Offensive Web Testing Framework
  • Dependency check


  • ModSecurity Core Rule Set Project


  • Top Ten Project
  • Testing Guide project
  • Includes a high level discussion on other, less mature OWASP tools