Skip to content

David-Allen-Arteaga/_Benchmark_Javascript.DEB_

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

593 Commits
.github
.github
 
 
.mvn
.mvn
 
 
VMs
VMs
 
 
data
data
 
 
results
results
 
 
scorecard
scorecard
 
 
scripts
scripts
 
 
src
src
 
 
tools
tools
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
.keystore
.keystore
 
 
.travis.yml
.travis.yml
 
 
DevStyleHtml.prefs
DevStyleHtml.prefs
 
 
DevStyleXml.prefs
DevStyleXml.prefs
 
 
LICENSE
LICENSE
 
 
OWASP Benchmark.URL
OWASP Benchmark.URL
 
 
README.md
README.md
 
 
createAnonScorecards.sh
createAnonScorecards.sh
 
 
createScorecards.bat
createScorecards.bat
 
 
createScorecards.sh
createScorecards.sh
 
 
expectedresults-1.2.csv
expectedresults-1.2.csv
 
 
pom.xml
pom.xml
 
 
runBenchmark.bat
runBenchmark.bat
 
 
runBenchmark.sh
runBenchmark.sh
 
 
runCrawler.bat
runCrawler.bat
 
 
runCrawler.sh
runCrawler.sh
 
 
runRemoteAccessibleBenchmark.bat
runRemoteAccessibleBenchmark.bat
 
 
runRemoteAccessibleBenchmark.sh
runRemoteAccessibleBenchmark.sh
 
 

Repository files navigation

OWASP Benchmark

The OWASP Benchmark Project is a Java test suite designed to verify the speed and accuracy of vulnerability detection tools. It is a fully runnable open source web application that can be analyzed by any type of Application Security Testing (AST) tool, including SAST, DAST (like ZAP), and IAST tools. The intent is that all the vulnerabilities deliberately included in and scored by the Benchmark are actually exploitable so its a fair test for any kind of application vulnerability detection tool. The Benchmark also includes scorecard generators for numerous open source and commercial AST tools, and the set of supported tools is growing all the time.

The project documentation is all on the OWASP site at the OWASP Benchmark project pages. Please refer to that site for all the project details.

The current latest release is v1.2. Note that all the releases that are available here: https://github.com/OWASP/Benchmark/releases are historical. The latest release is always available live by simply cloning or pulling the head of this repository (i.e., git pull).

About

Benchmark is a suite designed to verify software Inspector tools. A fully runnable web app written in javascript supports, analysis by Static, Dynamics, and Runtime tools that support Java. The idea is that since it is fully runnable and all are factual written, it’s a fair test for any kind of detection tools to eliminate more dramatic sequences.

owasp.org/www-project-benchmark/

Resources

Readme

License

GPL-2.0 license

Code of conduct

Code of conduct

Security policy

Security policy
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages

  • Java 71.8%
  • HTML 28.0%
  • Shell 0.1%
  • JavaScript 0.1%
  • Batchfile 0.0%
  • CSS 0.0%