Skip to content

OWASP Application Security Checklist for testing (mapping ASVS with WSTG)

Notifications You must be signed in to change notification settings

jeremychoi/owasp-asvs-wstg-checklist

Repository files navigation

OWASP Application Security Checklist for Testing (mapping ASVS with WSTG)

This checklist is based on OWASP Application Security Verification Standard (ASVS), mapping with the OWASP Web Security Testing Guide (WSTG). The goal is to help developers, testers or security professionals with testing the application/service in a more organized way.

ASVS

(excerpted from the ASVS repository, https://github.com/OWASP/ASVS)

The primary aim of the OWASP Application Security Verification Standard (ASVS) Project is to provide an open application security standard for web apps and web services of all types.

The standard provides a basis for designing, building, and testing technical application security controls, including architectural concerns, secure development lifecycle, threat modelling, agile security including continuous integration / deployment, serverless, and configuration concerns.

WSTG

(excerpted from the WSTG repository, https://github.com/OWASP/wstg)

The WSTG is a comprehensive guide to testing the security of web applications and web services. Created by the collaborative efforts of security professionals and dedicated volunteers, the WSTG provides a framework of best practices used by penetration testers and organizations all over the world.

Checklist Information

OWASP Application Security Checklist for Testing

About

OWASP Application Security Checklist for testing (mapping ASVS with WSTG)

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published