October is here and everyone is running after their 4 PR’s to win a digitalocean t-shirt!

For those who don’t know, in October there is Hacktoberfest, an online and global event where people are awarded for contributing open source code. More information you can see on the official website of the event.

OWASP and projects!

The information security crowd knows how important the tools that assist in the process of code and vulnerability analysis are, and now is the time to contribute these tools and materials.

Here’s a list of the most interesting OWASP projects that can help you with your work and also accept that you contribute code or documentation:

OWASP Top 10

It is a web application security awareness document. It meets the most critical web application security risks. In this list you can find some vulnerabilities, such as checking if your application is not vulnerable to them and also some countermeasures. Github

OWASP Zed Attack Proxy(ZAP)

ZAP is a popular vulnerability testing tool among security professionals and pentesters. It can help you in the process of finding and addressing vulnerabilities in your web applications. Github ZAP Extensions

OWASP Juice Shop Project

As they like to say, it’s probably the most modern and sophisticated insecure web application! Yes, that’s right, an insecure application for you to test and learn about the Top 10 vulnerabilities, with a complete learning support, book and tools to make learning easier. Github

OWASP DefectDojo

A great vulnerability management tool, it streamlines the testing process with modeling, reporting, and metrics tools. Stop spending a fortune on other vulnerability managers and start contributing the code of this powerful tool. Github


DNS enumeration and infrastructure mapping with techniques for obtaining web-scraped subdomains, APIs, and querying public databases. All that power in one simple tool is worth putting in your utility belt-bat. Github


OSINT In a smart way, this project creates wordlists based on the content of your target along with Google Dorks techniques. In the future some data intelligence features will be added and you can be part of the development of this tool. Github

These are some of the many projects, so if you want to know all the projects, you can check out the project repository. If you would like to participate in the projects, log into the project github or contact your Project Leader.