The Web Security Testing Guide (WSTG) Project produces the premier cybersecurity testing resource for web application developers and security professionals.

Welcome to the official repository for the Open Worldwide Application Security Project® (OWASP®) Web Security Testing Guide (WSTG). The WSTG is a comprehensive guide to testing the security of …

Jan 22, 2026 · In this comprehensive guide, you will learn exactly what the OWASP Web Security Testing Guide covers, how to use it effectively, and how to apply its methodologies to real-world …

The rest of this guide is organized as follows: this introduction covers the pre-requisites of testing web applications and the scope of testing. It also covers the principles of successful testing and testing …

WSTG - v4.2 on the main website for The OWASP Foundation. OWASP is a nonprofit foundation that works to improve the security of software.

Apr 4, 2025 · Comprehensive guide to OWASP Testing: its definition, methodology, testing phases, and best practices for web application security. Learn how to implement OWASP security testing effectively.

5 days ago · A definitive OWASP Testing Guide for CRA compliance. Learn how to implement key tests, automate security, and document findings for the EU Cyber Resilience Act.

Feb 24, 2026 · Web Application Penetration Testing Manual OWASP Top 10 coverage — all ten categories, findings that prove it SecurityWall's web application pentests cover all OWASP Top 10 …

Before you start contributing, please read our contribution guide which should help you get started and follow our best practices. Whenever you identify a contribution possibility, open up an issue with it in …

The OWASP Testing Framework Overview Phase 1: Before Development Begins Phase 2: During Definition and Design Phase 3: During Development Phase 4: During Deployment Phase 5: …