OWASP Project Metrics

Revision as of 15:22, 5 June 2014 by Kait Disney-Leugers (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

OWASP Project Header.jpg

OWASP Project Metrics

OWASP Project Metrics is...


The goal of this project is to create an automated tool able to connect to the majority of distributed version control systems (DVCS) and generate data to measure project activity and quality using metrics and standard practices.


We will develop a tool that will be able to connect to the majority of distributed version control systems (DVCS) and through a series of algorithmic operations automatically generate both quantitative and qualitative by applying a series of well defined metrics. Collected data will be organized and presented in a website with a dashboard for each project and statistical information about code and authors that will also include a scoring systems.


OWASP Project Metrics is free to use. It is licensed under the GNU GPL v3 license, so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.

What is Project Metrics?

OWASP Project Metrics provides:

  • metadata analysis (mime type, encoding, size, mac times, acl)
  • string detection (presence, absence, position, repetition)
  • pattern detection (exact and partial match, sequence, occurrence)
  • entropy analysis (entropy, chi2, compression, frequency)
  • fuzzy hashing (file similarity)
  • crypto hashing (file uniqueness)


Project Leader

Federico Figus

Related Projects


Quick Download

Email List

Project Email List

News and Events

In Print


New projects.png Owasp-builders-small.png
Project Type Files CODE.jpg



OWASP Project Metrics is developed by a worldwide team of volunteers. The primary contributors to date have been:

  • xxx
  • xxx


  • xxx
  • xxx

As of June, the priorities are:

  • files added (total, 6/3/1 months, last 7 days)
  • files changed (total, 6/3/1 months, last 7 days)
  • files unchanged (total, 6/3/1 months, last 7 days)
  • files deleted (total, 6/3/1 months, last 7 days)
  • file comparison (one to one, many to one, one to many)
  • for each commit:
    • files changed (added,deleted,rewritten,renamed,modified)
    • file content attribution (who modified which part)
    • author tracking and action attribution (who did what and when)
  • a graph to represent global project activity

Involvement in the development and promotion of OWASP Project Metrics is actively encouraged! You do not have to be a security expert in order to contribute. Some of the ways you can help:

  • xxx
  • xxx

What does this OWASP project offer you?
What releases are available for this project?
what is this project?
Name: Place your project name here.
Purpose: Project description goes here. Make sure to add a description that outlines how this project advances software security.
License: Place your license choice here: OWASP Recommended Licenses
who is working on this project?
Project Leader(s):
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: [This is the full link to the mailing list (e.g. https://lists.owasp.org/mailman/listinfo/owasp-example-project) Mailing List Archives]
Project Roadmap: Not Yet Created
Key Contacts
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
Not Yet Published
last reviewed release
Not Yet Reviewed

other releases