OWTF aims to make pen testing:
so that pentesters will have more time to
OWTF is taking part in the Google Summer of Code 2017! If you'd like to participate then see the GSoC 2017 wiki page!
ToolsWatch Annual Best Free/Open Source Security Tool Survey:
You can see what OWASP OWTF is all about in the following video:
OWASP OWTF 1.0 "Lionheart" - Brucon 2014 5x5:
OWASP AppSec EU 2013: Introducing OWASP OWTF 5x5:
For more videos please see the YouTube channel
What is OWTF?
OWASP Offensive Web Testing Framework is a project focused on penetration testing efficiency and alignment of security tests to security standards like: The OWASP Testing Guide (v3 and v4), the OWASP Top 10, PTES and NIST.
The current version of OWASP OWTF is OWTF 2.0a "Tikka Masala".
The following links provide access to materials for OWTF talks (video, slides, etc.):
News and Events
OWTF documentation is hosted in the following resources:
OWTF is developed by a worldwide team of volunteers.
But we have also been helped by many organizations, either financially or through other means:
OWTF attempts to solve the "penetration testers are never given enough time to test properly" problem, or in other words, OWTF = Test/Exploit ASAP, with this in mind, as of right now, the priorities are:
- To improve security testing efficiency (i.e. test more in less time)
- To improve security testing coverage (i.e. test more)
- Gradually integrate the best tools
- Unite the best tools and make them work together with the security tester
- Remove or Reduce the need to babysit security tools during security assessments
- Be a respository of PoC resource links to assist exploitation of vulnerabilities in order to illustrate risk to businesses.
- Help penetration testers save time on report writing
Involvement in the development and promotion of OWTF is actively encouraged! You do not have to be a security expert in order to contribute. Some of the ways you can help:
| PROJECT INFO
What does this OWASP project offer you?
| RELEASE(S) INFO|
What releases are available for this project?