<div dir="ltr">Hi All<div><br></div><div>I have been working on categorising the Owasp projects based on the kind of tool/code library and programming language used</div><div><br></div><div>I would like very much your feedback an ideas on the kind of categories</div><div><br></div><div>We do not want to make it to granular, feel free to reply</div><div><br></div><div>Regards</div><div><br></div><div>Johanna Curiel</div><div>Project Review Team Leader</div><div><br></div><div><table cellspacing="0" cellpadding="0" dir="ltr" border="1" style="table-layout:fixed;font-size:13px;font-family:arial,sans,sans-serif;border-collapse:collapse;border:1px solid rgb(204,204,204)"><colgroup><col width="355"><col width="252"><col width="252"><col width="307"></colgroup><tbody><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom;font-size:120%;font-weight:bold">Code/Tools</td><td style="padding:2px 3px;vertical-align:bottom;font-size:120%;font-weight:bold">Maturity Level</td><td style="padding:2px 3px;vertical-align:bottom;font-size:120%;font-weight:bold">Programming language written</td><td style="padding:2px 3px;vertical-align:bottom;font-size:120%;font-weight:bold">Keywords/short description</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,229,153);font-weight:bold">Vulnerable Websites/Vulnerability training apps</td><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204)"></td><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204)"></td><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204)"></td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">WebGoat</td><td style="padding:2px 3px;vertical-align:bottom">LAB</td><td style="padding:2px 3px;vertical-align:bottom">Java</td><td style="padding:2px 3px;vertical-align:bottom">Vulnerabilities Java Learning</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">WebGoatPHP</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">PHP</td><td style="padding:2px 3px;vertical-align:bottom">Vulnerabilities learning PHP</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom;text-decoration:underline;color:rgb(17,85,204)"><a class="" href="//www.google.com/url?q=http%3A%2F%2FWebGoat.NET" target="_blank">WebGoat.NET</a></td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">.NET</td><td style="padding:2px 3px;vertical-align:bottom">Vulnerabilities learning .NET</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Hackademic Challenges Project</td><td style="padding:2px 3px;vertical-align:bottom">LAB</td><td style="padding:2px 3px;vertical-align:bottom">Java</td><td style="padding:2px 3px;vertical-align:bottom">Vulnerabilities Java Learning</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Security Shepherd </td><td style="padding:2px 3px;vertical-align:bottom">LAB</td><td style="padding:2px 3px;vertical-align:bottom">Java</td><td style="padding:2px 3px;vertical-align:bottom">Vulnerabilities Java Learning</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP iGoat </td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">Objective C</td><td style="padding:2px 3px;vertical-align:bottom">Vulnerabilties Android Mobile</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Bricks</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">PHP</td><td style="padding:2px 3px;vertical-align:bottom">Vulnerabilities learning PHP</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Mutillidae 2</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">PHP</td><td style="padding:2px 3px;vertical-align:bottom">Vulnerabilty app</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP SeraphimDroid</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">Java</td><td style="padding:2px 3px;vertical-align:bottom">Vulnerabilties Android Mobile</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Node js Goat</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">Javascript/Node.js framework</td><td style="padding:2px 3px;vertical-align:bottom">Vulnerabilities Node.js</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Faux Bank Project</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">ASP</td><td style="padding:2px 3px;vertical-align:bottom">Vulnerabilities Banking app</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204);font-weight:bold">Pen testing tools</td><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204)"></td><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204)"></td><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204)"></td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Zed Attack Proxy</td><td style="padding:2px 3px;vertical-align:bottom">Flagship</td><td style="padding:2px 3px;vertical-align:bottom">Java</td><td style="padding:2px 3px;vertical-align:bottom">attack proxy</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP OWTF</td><td style="padding:2px 3px;vertical-align:bottom">Flagship</td><td style="padding:2px 3px;vertical-align:bottom">JavaScript/HTML/CSS</td><td style="padding:2px 3px;vertical-align:bottom">attack application layer</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">O-Saft</td><td style="padding:2px 3px;vertical-align:bottom">LAB</td><td style="padding:2px 3px;vertical-align:bottom">Perl/Command line</td><td style="padding:2px 3px;vertical-align:bottom">verification SSL</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Web Testing Environment Project</td><td style="padding:2px 3px;vertical-align:bottom">Flagship</td><td style="padding:2px 3px;vertical-align:bottom">Virtual Machine with multiple owasp tools</td><td style="padding:2px 3px;vertical-align:bottom">testing framework</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP EnDe</td><td style="padding:2px 3px;vertical-align:bottom">LAB</td><td style="padding:2px 3px;vertical-align:bottom">Javascript/HTML/CSS</td><td style="padding:2px 3px;vertical-align:bottom">Decoder Encoder</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Dependency Check</td><td style="padding:2px 3px;vertical-align:bottom">Flagship</td><td style="padding:2px 3px;vertical-align:bottom">Java plugin</td><td style="padding:2px 3px;vertical-align:bottom">Control vulnerabilities dependencies in libraries</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Passfault</td><td style="padding:2px 3px;vertical-align:bottom">LAB</td><td style="padding:2px 3px;vertical-align:bottom">PHP</td><td style="padding:2px 3px;vertical-align:bottom">Password weaknesses crack control</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Xenotix XSS Exploit Framework</td><td style="padding:2px 3px;vertical-align:bottom">LAB</td><td style="padding:2px 3px;vertical-align:bottom">Javascript/HTML/CSS</td><td style="padding:2px 3px;vertical-align:bottom">XSS attacks testing</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Mantra Security Framework</td><td style="padding:2px 3px;vertical-align:bottom">LAB</td><td style="padding:2px 3px;vertical-align:bottom">Distribution</td><td style="padding:2px 3px;vertical-align:bottom">testing framework</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Mantra OS</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">Attack Platform OS Ubuntu</td><td style="padding:2px 3px;vertical-align:bottom">Attack platform </td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Bywaf </td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">Python</td><td style="padding:2px 3px;vertical-align:bottom">Attack Web layer</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP NINJA PingU Project</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">C</td><td style="padding:2px 3px;vertical-align:bottom">Ping Utility</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP SQLiX </td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">Perl</td><td style="padding:2px 3px;vertical-align:bottom">Scanner Attacks</td></tr><tr style="height:27px"><td style="padding:2px 3px;vertical-align:bottom"><br>OWASP Pyttacker </td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">Python</td><td style="padding:2px 3px;vertical-align:bottom">Reporting pen testing results</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP HTTP POST Tool</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">C++</td><td style="padding:2px 3px;vertical-align:bottom">Load testing web application</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Rainbow Maker </td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">Python</td><td style="padding:2px 3px;vertical-align:bottom">Crack hashes</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Wapiti Project</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">Python</td><td style="padding:2px 3px;vertical-align:bottom">Web Vulnerability Scanner attack</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Droid10</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">Java</td><td style="padding:2px 3px;vertical-align:bottom">Android web vulnerability scanner</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Droid</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">Java</td><td style="padding:2px 3px;vertical-align:bottom">Android web vulnerability scanner</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204);font-weight:bold">Static Analysis Tools/Libraries</td><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204)"></td><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204)"></td><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204)"></td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP O2 Platform</td><td style="padding:2px 3px;vertical-align:bottom">LAB</td><td style="padding:2px 3px;vertical-align:bottom">.NET</td><td style="padding:2px 3px;vertical-align:bottom">Static analysis</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Dependency Track Project</td><td style="padding:2px 3px;vertical-align:bottom">LAB</td><td style="padding:2px 3px;vertical-align:bottom">Java</td><td style="padding:2px 3px;vertical-align:bottom">Track code vulnerabilities</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP WAP</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">PHP</td><td style="padding:2px 3px;vertical-align:bottom">Static analysis/Protection agains attacks</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP SonarQube</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">Java plugins</td><td style="padding:2px 3px;vertical-align:bottom">Static Analysis check vulnerabilities</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204);font-weight:bold">Dependency check in libraries - tools</td><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204)"></td><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204)"></td><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204)"></td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">WebGoat Benchmark </td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">Java</td><td style="padding:2px 3px;vertical-align:bottom">Track code vulnerabilities</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Python Security Project</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">Python </td><td style="padding:2px 3px;vertical-align:bottom">Code analysis Python libraries vulnerabilities</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Encoder Comparison </td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">Javascript/HTML/CSS</td><td style="padding:2px 3px;vertical-align:bottom">Encoder ASCII ESAPI</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP JSEC CVE</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">Java</td><td style="padding:2px 3px;vertical-align:bottom">Common vulnerabilities check</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204);font-weight:bold">Protection against vulnerabilties -Sanitizer tools</td><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204)"></td><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204)"></td><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204)"></td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Java HTML Sanitizer Project</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">Java</td><td style="padding:2px 3px;vertical-align:bottom">Sanitizer Input validation</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP WebSpa</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">Java</td><td style="padding:2px 3px;vertical-align:bottom">Port knocking</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204);font-weight:bold">Protection against vulnerabilties - Security code libraries</td><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204)"></td><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204)"></td><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204)"></td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP ModSecurity Core Rule Set Project</td><td style="padding:2px 3px;vertical-align:bottom">Flagship</td><td style="padding:2px 3px;vertical-align:bottom">Configuration files Apache</td><td style="padding:2px 3px;vertical-align:bottom">Mod security Apache rules Web Firewall</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP CSRFGuard Project</td><td style="padding:2px 3px;vertical-align:bottom">Flagship</td><td style="padding:2px 3px;vertical-align:bottom">Java library</td><td style="padding:2px 3px;vertical-align:bottom">Protection against CRSF attacks</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP AppSensor Project</td><td style="padding:2px 3px;vertical-align:bottom">Flagship</td><td style="padding:2px 3px;vertical-align:bottom">Java library</td><td style="padding:2px 3px;vertical-align:bottom">Protection vulnerabilities Secure development</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Enterprise Security API</td><td style="padding:2px 3px;vertical-align:bottom">LAB</td><td style="padding:2px 3px;vertical-align:bottom">Java library</td><td style="padding:2px 3px;vertical-align:bottom">Protection vulnerabilities Secure development</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Java Encoder Project Thumbsup.png</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">Java library</td><td style="padding:2px 3px;vertical-align:bottom">Protection vulnerabilities Secure development</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Java File I/O Security Project</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">Java library</td><td style="padding:2px 3px;vertical-align:bottom">Protection vulnerabilities Secure development</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP iMAS - iOS Mobile Application Security Project </td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">Objective C</td><td style="padding:2px 3px;vertical-align:bottom">IOS mobile Sanitise code Protection vulnerabilities</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP PHP Security Project</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">PHP library</td><td style="padding:2px 3px;vertical-align:bottom">Protection vulnerabilities Secure development</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP File Format Validation Project</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">BIL language</td><td style="padding:2px 3px;vertical-align:bottom">Check file validation format</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Security Logging Project</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">Java library</td><td style="padding:2px 3px;vertical-align:bottom">Reporting logging security issues/events</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP PHPRBAC Project</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">PHP library</td><td style="padding:2px 3px;vertical-align:bottom">Role Based Access Control Library</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204);font-weight:bold">Software Testing and Development tools</td><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204)"></td><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204)"></td><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204)"></td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Secure TDD</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">.NET</td><td style="padding:2px 3px;vertical-align:bottom">Test driven development</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP XSecurity</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">Objective C</td><td style="padding:2px 3px;vertical-align:bottom">IOS secure development</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP ASIDE</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">Java/PHP</td><td style="padding:2px 3px;vertical-align:bottom">Secure development </td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP Code Pulse</td><td style="padding:2px 3px;vertical-align:bottom">LAB</td><td style="padding:2px 3px;vertical-align:bottom">.NET</td><td style="padding:2px 3px;vertical-align:bottom">Code Coverage revision</td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204);font-weight:bold">Forensic analysis tools</td><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204)"></td><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204)"></td><td style="padding:2px 3px;vertical-align:bottom;background-color:rgb(255,242,204)"></td></tr><tr style="height:21px"><td style="padding:2px 3px;vertical-align:bottom">OWASP iOSForensic</td><td style="padding:2px 3px;vertical-align:bottom">Incubator</td><td style="padding:2px 3px;vertical-align:bottom">Python</td><td style="padding:2px 3px;vertical-align:bottom">IOS Forensic analysis</td></tr></tbody></table></div><div></div></div>