SpotBugs is a program to find bugs in Java programs. It looks for instances of “bug patterns” — code instances that are likely to be errors. It uses static analysis to look for bugs in Java code. SpotBugs checks for more than 400 bug patterns. Bug descriptions can be found here. It is free software, […]

OWASP Snakes and Ladders is an educational project. It uses gamification to promote awareness of application security controls and risks, and in particular knowledge of other OWASP documents and tools. In the board game for web applications (Print-ready PDFs), the virtuous behaviors (ladders) are secure coding practices (from OWASP Proactive Controls project 2014-2016) and the […]

OWASP Juice Shop is an intentionally insecure webapp for security trainings, written entirely in JavaScript, which encompasses the entire OWASP Top Ten and other severe security flaws. Juice Shop is written in Node.js, Express and AngularJS. The application contains more than 30 challenges of varying difficulty where the user is supposed to exploit the underlying […]

The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Their mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks. An OWASP project is a collection of related tasks that have […]