# OWASP

The [Open Web Application Security Project (OWASP)](https://owasp.org/) provides resources, tools, and guidelines to help build and test secure applications.

* [Background](#background)
* [OWASP Top 10](#owasp-top-10)
* [Resources](#resources)

## Background

[OWASP (Open Web Application Security Project)](https://owasp.org/) is a non-profit organization that aims to improve the security of software and web applications by providing resources, tools, and best practices for developers, security professionals, and organizations. OWASP provides resources including the OWASP Top 10 and the OWASP Web Security Testing Guide.

## OWASP Top 10

The [OWASP Top 10](https://owasp.org/www-project-top-ten/) is a list of the 10 most critical web application security risks, based on widespread exploitation, prevalence, and impact. This list is updated every few years.

## OWASP Web Security Testing Guide

The [OWASP Web Security Testing Guide](https://owasp.org/www-project-web-security-testing-guide) is a comprehensive open source guideline that provides techniques for testing the security of web applications.

[This is the repository](https://github.com/OWASP/wstg) of the guide and [this is the latest content](https://owasp.org/www-project-web-security-testing-guide/latest/).

## Resources

* [OWASP Organization Website](https://owasp.org)
* [OWASP Top Ten](https://owasp.org/www-project-top-ten)
* [OWASP Web Security Testing Guide](https://owasp.org/www-project-web-security-testing-guide)
* [OWASP Web Security Testing Guide Repository](https://github.com/OWASP/wstg)
* [Latest Version of OWASP Testing Guide Content](https://owasp.org/www-project-web-security-testing-guide/latest)
* [OWASP Vulnerable Training Website - Juice Shop](https://owasp.org/www-project-juice-shop)
* [OWASP Zed Attack Proxy Security Tool](https://owasp.org/www-project-zap/)
* [OWASP Cheat Sheets](https://cheatsheetseries.owasp.org)