Category:OWASP Orizon Project

Jump to: navigation, search

OWASP Project Header.jpg

OWASP Orizon Project

OWASP Orizon is a source code security scanner designed to spot vulnerabilities in J2EE web applications, Android code and generally speaking in Java written source code.


Owasp Orizon is a code review tool intended to be used from security specialist to perform white box assessment. Orizon exposes also a set of APIs that can be used within a security tool to provide code review services.


OWASP Orizon is an opensource tool. It is licensed under the Apache 2 License.

Quick Start

See project GitHub home page

Project Resources


Code | Binaries

Issue Tracker

Project Leader

Paolo Perego
email twitter blog

News and Events

  • [13 September 2016] - Paolo Perego take back project leadership, kickstarting Owasp Orizon again
  • [February, 2014] - Greg Disney-Leugers adopted the OWASP Orizon project.
  • [November 2009] - we started moving from current release to the next major bump (v2.0) that will happen next June 2010 during Owasp AppSEC conference in Stockholm.


Owasp-incubator-trans-85.png Owasp-builders-small.png
Project Type Files TOOL.jpg

Available online is an Orizon presentation given at OWASP AppSec EU 2008 in Ghent, May 2008.

Owasp Orizon Internals @ Owasp AppSec NY 2008, New York 22-25th September 2008

Orizon@AppSec NY 2008

Owasp Orizon Internals @ Owasp AppSec EU 2008, Ghent 21-22nd May 2008

Orizon@AppSec EU 2008

Owasp Orizon Internals @ Owasp Day Italy 2008, Rome 31st March 2008

Orizon@Owasp Day in Italy

OWASP Orizon Project @ SMAU eAcademy, Milan 4-7th October 2006

I will talk to SMAU eAcademy2006 next Saturday 7th October 2006 about code review and safe coding. Here you can find more information (for now, only in Italian). The last part of the speech will be about introducing the Orizon project and giving a development roadmap.

A slideshare space is available to for the presentations used in Owasp | conferences


Orizon is developed by a worldwide team of volunteers. The primary contributors to date have been:

  • Paolo Perego - former project leader
  • Steven Evans
  • Andres Riancho
  • Dinis Cruz
  • Mike Duncan
  • prashant k v
  • Alessio Marziali
  • Jason Li
  • Nishi Kumar


As of Orizon, the priorities are:

  • xxx
  • xxx
  • xxx

Orizon wants you!

The model we follow is the OpenBSD one. Anyone will be free about sending opinions, criticism and patches. If an user will provide a good number of patches showing us he (or she) really wants to collaborate to the project, than he (or she) will be added to Owasp orizon core team.

If you are a skilled Java developer why don't you consider writing a bunch of code for Orizon? Or, consider joining the project for documentation, advertising, blog maintenance, etc.

We hope you find the OWASP Orizon Project useful. Please contribute to the project by volunteering for one of the tasks, or by sending your comments, questions, and suggestions.

Project Name OWASP Orizon Project
Short Project Description This project born in 2006 in order to provide a framework to all Owasp projects developing code review services. The project is in a quite stable stage and it is usable for Java static code review and some dynamic tests against XSS. Owasp Orizon includes also APIs for code crawling, usable for code crawling tools.
Key Project Information Project Leader
Paolo Perego
Project Contributors
See here
Mailing list
Subscribe here
Use here

Creative Commons Attribution Share Alike 3.0

Project Type

Release Status Main Links Related Projects

Beta Quality
Please see here for complete information.

The Owasp OrizonProject in Power Point
Orizon Safe coding and beyond - Word File
Orizon 1.19 - The Latest Release
Orizon internal draft
Orizon site at sourceforge
Orizon blog

OWASP Code Review Guide

Pages in category "OWASP Orizon Project"

This category contains only the following page.