OWASP Code the Flag

A practical guide on how to organize an in-house training competition for developers who want to learn how to write secure applications. Based on previous experiences with CTF (Capture the Flag), this guide provides the steps to create internal competition, with hands-on challenges, from cultural requirements between developers and security professionals to the technical tools needed for competition.


  • 2021 Q3 - Basic documentation on how to running the competition internally, cultural process, and basic tools. Share the project for the community and support some users implement in their own organization.
  • 2021 Q4 - Studies and survey with users to improve documentation and begin planning for additional tools that could be developed.
  • 2022 Q1 - Present Version 1 of the project(guide book). Starting develop tools to support users implement the project based in the last survey.
  • 2022 Q2 - Create a centralized repository to people share their challenges.


Put whatever you like here: news, screenshots, features, supporters, or remove this file and don’t use tabs at all.