October is here and everyone is running after their 4 PRs to win a DigitalOcean t-shirt!

For those who don't know, October is the month of Hacktoberfest, a global online event where people are rewarded for contributing open source code. You can find more information on the official website of the event.

OWASP and projects!

The information security crowd knows how important the tools that assist in code and vulnerability analysis are, and now is the time to contribute to these tools and materials.

Here's a list of the most interesting OWASP projects that can help you with your work and that also accept code or documentation contributions:

OWASP Top 10

It is a web application security awareness document. It covers the most critical web application security risks. In this list you can find the vulnerabilities, ways to check whether your application is vulnerable to them, and some countermeasures. GitHub

OWASP Zed Attack Proxy (ZAP)

ZAP is a popular vulnerability testing tool among security professionals and pentesters. It can help you in the process of finding and addressing vulnerabilities in your web applications. GitHub ZAP Extensions

OWASP Juice Shop Project

As they like to say, it's probably the most modern and sophisticated insecure web application! Yes, that's right, an insecure application for you to test and learn about the Top 10 vulnerabilities, with complete learning support, a book and tools to make learning easier. GitHub

OWASP DefectDojo

A great vulnerability management tool, it streamlines the testing process with modeling, reporting, and metrics tools. Stop spending a fortune on other vulnerability managers and start contributing to the code of this powerful tool. GitHub

OWASP Amass

DNS enumeration and infrastructure mapping, with techniques for obtaining subdomains through web scraping, APIs, and queries to public databases. All that power in one simple tool is worth putting in your bat utility belt. GitHub

OWASP D4N155

OSINT in a smart way: this project creates wordlists based on the content of your target, along with Google Dorks techniques. In the future some data intelligence features will be added, and you can be part of the development of this tool. GitHub

These are just some of the many projects; if you want to see them all, you can check out the project repository. If you would like to participate in a project, log in to the project's GitHub or contact the Project Leader.