WSTG - Latest
Frontispiece
Welcome
As we focus on incremental improvement, this release introduces numerous updates. We’ve standardized scenario formats to create a better reading experience, added objectives for each testing scenario, merged sections, and added new scenarios on some modern testing topics.
— Rick Mitchell
OWASP thanks the many authors, reviewers, and editors for their hard work in bringing this guide to where it is today. If you have any comments or suggestions on the Testing Guide, please feel free to open an Issue or submit a fix/contribution via Pull Request to our GitHub repository.
Copyright and Licensee
Copyright (c) 2023 The OWASP Foundation.
This document is released under the Creative Commons 4.0 License. Please read and understand the license and copyright conditions.
Leaders
- Elie Saad
- Rick Mitchell
Core Team
- Rejah Rehim
- Victoria Drake
Authors
- Aaron Williams
- Alessia Michela Di Campi
- Elie Saad
- Felix Sieges
- Ismael Goncalves
- Janos Zold
- Jeremy Bonghwan Choi
- Jinson Varghese Behanan
- Joel Espunya
- Manh Pham Tien
- Mark Clayton
- Or Asaf
- Phu Nguyen (Tony)
- rbsec
- Rick Mitchell
- Rishu Ranjan
- Rubal Jain
- Samuele Casarin
- Stefano Calzavara
- Tal Argoni
- Victoria Drake
Graphic Designers
- Hugo Costa
- Jishnu Vijayan C K
- Muhammed Anees
- Ramzi Fazah
Reviewers or Editors
- Abhi M Balakrishnan
- Asharaf Ali
- Elie Saad
- Eoin Murphy
- Francisco Bustos
- frozensolid
- Hsiang-Chih Hsu
- Jeremy Bonghwan Choi
- Jinson Varghese Behanan
- Lukasz Lubczynski
- Miguel Arevalo
- Najam Ul Saqib
- Nikoleta Misheva
- Patrick Santos
- Rejah Rehim
- Rick Mitchell
- Roman Mueller
- Thomas Lim
- Tom Bowyer
- Victoria Drake
Trademarks
- Java, Java Web Server, and JSP are registered trademarks of Sun Microsystems, Inc.
- Merriam-Webster is a trademark of Merriam-Webster, Inc.
- Microsoft is a registered trademark of Microsoft Corporation.
- Octave is a service mark of Carnegie Mellon University.
- Open Web Application Security Project and OWASP are registered trademarks of the OWASP Foundation, Inc.
- VeriSign and Thawte are registered trademarks of VeriSign, Inc.
- Visa is a registered trademark of VISA USA.
All other products and company names may be trademarks of their respective owners. Use of a term in this document should not be regarded as affecting the validity of any trademark or service mark.
Contacting OWASP
Contact details for the OWASP Foundation are available online. If you have a question concerning a particular project, we strongly recommend using the Google Group for that project. Many questions can also be answered by searching the OWASP web site, so please check there first.