OWASP Projects and Application Security

OWASP Security Tools and Utilities

6.1.

OWASP Zed Attack Proxy

6.1.1.

ZAP Architecture and Components

6.1.1.1.

6.1.1.2.

6.1.1.3.

6.1.1.4.

6.1.1.5.

6.1.2.

ZAP Installation and Configuration

6.1.2.1.

Installation Methods

6.1.2.2.

Initial Configuration

6.1.2.3.

Certificate Management

6.1.2.4.

6.1.3.

6.1.3.1.

6.1.3.2.

6.1.3.3.

6.1.3.4.

6.1.3.5.

6.1.3.6.

6.1.4.

ZAP Advanced Features

6.1.4.1.

Authentication Configuration

6.1.4.2.

Session Management

6.1.4.3.

Context Configuration

6.1.4.4.

Script Integration

6.1.5.

ZAP Add-ons and Extensions

6.1.5.1.

Add-on Marketplace

6.1.5.2.

Popular Add-ons

6.1.5.3.

Custom Script Development

6.1.6.

ZAP Integration

6.1.6.1.

CI/CD Pipeline Integration

6.1.6.2.

API Usage

6.1.6.3.

Reporting and Export

6.2.

OWASP Dependency-Check

6.2.1.

Software Composition Analysis Concepts

6.2.1.1.

Dependency Management

6.2.1.2.

Vulnerability Databases

6.2.1.3.

Risk Assessment

6.2.2.

Dependency-Check Features

6.2.2.1.

Supported Languages and Ecosystems

6.2.2.2.

Vulnerability Detection

6.2.2.3.

False Positive Management

6.2.2.4.

Reporting Capabilities

6.2.3.

Integration Options

6.2.3.1.

Build Tool Integration

6.2.3.1.1.

6.2.3.1.2.

6.2.3.1.3.

6.2.3.2.

6.2.3.2.1.

6.2.3.2.2.

6.2.3.2.3.

6.2.3.3.

6.2.4.

Configuration and Customization

6.2.4.1.

6.2.4.2.

6.2.4.3.

6.3.

6.3.1.

Network Reconnaissance Fundamentals

6.3.1.1.

Asset Discovery

6.3.1.2.

Attack Surface Mapping

6.3.1.3.

Subdomain Enumeration

6.3.2.

Amass Capabilities

6.3.2.1.

Passive Information Gathering

6.3.2.2.

Active Information Gathering

6.3.2.3.

DNS Enumeration

6.3.2.4.

Certificate Transparency Logs

6.3.3.

Amass Usage and Configuration

6.3.3.1.

Command Line Interface

6.3.3.2.

Configuration Files

6.3.3.3.

Data Sources

6.3.3.4.

Output Formats

6.3.4.

Integration and Automation

6.3.4.1.

Scripting Integration

6.3.4.2.

Continuous Monitoring

6.3.4.3.

Visualization Tools

6.4.

OWASP CycloneDX

6.4.1.

Software Bill of Materials Concepts

6.4.1.1.

SBOM Standards

6.4.1.2.

Supply Chain Transparency

6.4.1.3.

Vulnerability Management

6.4.2.

CycloneDX Specification

6.4.2.1.

Component Information

6.4.2.2.

Dependency Relationships

6.4.2.3.

Vulnerability Data

6.4.2.4.

License Information

6.4.3.

SBOM Generation

6.4.3.1.

Language-Specific Tools

6.4.3.2.

Build System Integration

6.4.3.3.

Container Image Analysis

6.4.4.

SBOM Consumption

6.4.4.1.

Vulnerability Analysis

6.4.4.2.

License Compliance

6.4.4.3.

Risk Assessment

6.5.

OWASP ModSecurity

6.5.1.

Web Application Firewall Concepts

6.5.1.1.

Request Filtering

6.5.1.2.

Attack Detection

6.5.1.3.

Response Modification

6.5.2.

ModSecurity Architecture

6.5.2.1.

6.5.2.2.

6.5.2.3.

6.5.3.

6.5.3.1.

6.5.3.2.

Attack Detection Rules

6.5.3.3.

Anomaly Scoring

6.5.4.

Configuration and Tuning

6.5.4.1.

Rule Customization

6.5.4.2.

False Positive Reduction

6.5.4.3.

Performance Optimization

5. OWASP Testing and Assessment Guides

Go to top

7. Specialized OWASP Projects and Standards