The OWASP Security Shepherd project enables users to learn or to improve upon existing manual penetration testing skills. Utilizing the OWASP top ten as a challenge test bed, common security vulnerabilities can be explored and their impact on a system understood. The by-product of this challenge game is the acquired skill to harden a player's own environment from OWASP top ten security risks. The modules have been crafted to provide not only a challenge for a security novice, but security professionals as well.

If you'd like to download the V3.0 VM, you can download it from github: https://github.com/OWASP/SecurityShepherd/releases/tag/v3.0

Try it live: https://owasp.securityshepherd.eu
Raise issues here: https://github.com/markdenihan/owaspSecurityShepherd/issues
More Info here: https://www.owasp.org/index.php/OWASP_Security_Shepherd

Project Samples

Project Activity

See All Activity >

License

Creative Commons Attribution ShareAlike License V3.0

Follow OWASP Security Shepherd

OWASP Security Shepherd Web Site

Other Useful Business Software
Gen AI apps are built with MongoDB Atlas Icon
Gen AI apps are built with MongoDB Atlas

The database for AI-powered applications.

MongoDB Atlas is the developer-friendly database used to build, scale, and run gen AI and LLM-powered apps—without needing a separate vector database. Atlas offers built-in vector search, global availability across 115+ regions, and flexible document modeling. Start building AI apps faster, all in one place.
Start Free
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of OWASP Security Shepherd!

Additional Project Details

Intended Audience

Developers, Quality Engineers, Security Professionals, Testers

User Interface

Web-based

Programming Language

Java, JavaScript, JSP, PL/SQL

Database Environment

MySQL

Related Categories

JavaScript Security Software, JavaScript Software Testing Tool, JavaScript Penetration Testing Tool, JSP Security Software, JSP Software Testing Tool, JSP Penetration Testing Tool, PL/SQL Security Software, PL/SQL Software Testing Tool, PL/SQL Penetration Testing Tool, Java Security Software, Java Software Testing Tool, Java Penetration Testing Tool

Registered

2012-08-22