Probably don't want to beg hackers to come and take your stuff.
A password-strength tester based upon the OWASP guidelines for enforcing strong passwords.
A Node.js wrapper for the OWASP dependency-check-cli.
TypeScript definitions for owasp-password-strength-test
Retire is a tool for detecting use of vulnerable libraries
Set the X-Permitted-Cross-Domain-Policies header in Express apps
Developer-friendly CLI for scanning JS/TS projects for dependency vulnerabilities using local lockfiles and OSV
A Common Weakness Enumeration (CWE) Node.js SDK compliant with MITRE / CAPEC
A library for performing FIDO 2.0 / WebAuthn functionality
A light-weight and totally "secure" library to easily deploy simple chat bots
Easily implement usual security measures in React Native Expo apps
Arcjet runtime security SDK — bot protection, rate limiting, prompt injection detection, PII blocking, and WAF for JavaScript and TypeScript apps
Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop
Express middleware to handle content expiration using Cache-Control header.
Hono security middleware: honeypot path blocker and mini WAF that stops vulnerability scanners (nuclei, nikto, sqlmap, dirbuster, wpscan), bad bots, and brute-force probes before they reach your routes. Optional IP strike/ban plus AbuseIPDB reporting. Zer
Synapta security scanner wrappers: Semgrep, Gitleaks, Trivy, Checkov, OWASP ZAP
Secure JSON.stringify for injecting into HTML's `<script>` tag.
OWASP Threat Dragon core module
Common ESLint configuration used in most DPUse projects.
Skill de auditoría de seguridad basada en OWASP Top 10 2025
[](./LICENSE) <span><!-- OWASP_BADGES_START --> [](https://dpuse.github.io/dpuse-connector-dropbox/dependency-check-reports/depende
🛡️ Security Module for Nuxt based on HTTP Headers and Middleware
Client-side library to load the Paystack checkout form
Security auditing CLI for AI agent skills — OWASP Agentic Skills Top 10 (AST10)
OWASP category and application-security taxonomy primitives for RustUse
Feature-gated facade crate for RustUse security primitives
AntiSamy is a library to clean user-supplied HTML/CSS. This gem is a port of the anti-samy framework created for OWASP (http://www.owasp.org/index.php/Category:OWASP_AntiSamy_Project) AntiSamy works by using a policy to removed any dangerous input you specify from attributes to tags. This gem is built using nokogiri
= The Owasp ESAPI Ruby project == Introduction The Owasp ESAPI Ruby is a port for outstanding release quality Owasp ESAPI project to the Ruby programming language. Ruby is now a famous programming language due to its Rails framework developed by David Heinemeier Hansson (http://twitter.com/dhh) that simplify the creation of a web application using a convention over configuration approach to simplify programmers' life. Despite Rails diffusion, there are a lot of Web framework out there that allow people to write web apps in Ruby (merb, sinatra, vintage) [http://accidentaltechnologist.com/ruby/10-alternative-ruby-web-frameworks/]. Owasp Esapi Ruby wants to bring all Ruby deevelopers a gem full of Secure APIs they can use whatever the framework they choose. == Why supporting only Ruby 1.9.2 and beyond? The OWASP Esapi Ruby gem will require at least version 1.9.2 of Ruby interpreter to make sure to have full advantages of the newer language APIs. In particular version 1.9.2 introduces radical changes in the following areas: === Regular expression engine (to be written) === UTF-8 support Unicode support in 1.9.2 is much better and provides better support for character set encoding/decoding * All strings have an additional chunk of info attached: Encoding * String#size takes encoding into account – returns the encoded character count * You can get the raw datasize * Indexed access is by encoded data – characters, not bytes * You can change encoding by force but it doesn’t convert the data === Dates and Time From "Programming Ruby 1.9" "As of Ruby 1.9.2, the range of dates that can be represented is no longer limited by the under- lying operating system’s time representation (so there’s no year 2038 problem). As a result, the year passed to the methods gm, local, new, mktime, and utc must now include the century—a year of 90 now represents 90 and not 1990." == Roadmap Please see ChangeLog file. == Note on Patches/Pull Requests * Fork the project. * Create documentation with rake yard task * Make your feature addition or bug fix. * Add tests for it. This is important so I don't break it in a future version unintentionally. * Commit, do not mess with rakefile, version, or history. (if you want to have your own version, that is fine but bump version in a commit by itself I can ignore when I pull) * Send me a pull request. Bonus points for topic branches. == Copyright Copyright (c) 2011 the OWASP Foundation. See LICENSE for details.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.