
Group: org.owasp - All Dependencies


Dependency-Check Core · dependency-check-core is the engine and reporting tool used to identify and report any known, publicly disclosed vulnerabilities in the scanned project's dependencies. The engine extracts metadata from the dependencies and uses it to do fuzzy keyword matching against the Common Platform Enumeration (CPE). If any CPE identifiers are found, the associated Common Vulnerability and Exposure (CVE) entries are added to the generated report.

Dependency-Check Utils · dependency-check-utils is a collection of common utility classes used within dependency-check that might be useful in other projects.

OWASP CSRFGuard · OWASP CSRFGuard is a library that implements a variant of the synchronizer token pattern to mitigate the risk of Cross-Site Request Forgery (CSRF) attacks.

Dependency-Check Maven Plugin · dependency-check-maven is a Maven Plugin that uses dependency-check-core to detect publicly disclosed vulnerabilities associated with the project's dependencies. The plugin will generate a report listing the dependency, any identified Common Platform Enumeration (CPE) identifiers, and the associated Common Vulnerability and Exposure (CVE) entries.

OWASP Security Logging Logback · The OWASP Security Logging project provides developers and ops personnel with APIs for logging security-related events.

OWASP Security Logging Common · The OWASP Security Logging project provides developers and ops personnel with APIs for logging security-related events.

Dependency-Check Ant Task · dependency-check-ant is an Ant Task that uses dependency-check-core to detect publicly disclosed vulnerabilities associated with the project's dependencies. The task will generate a report listing the dependency, any identified Common Platform Enumeration (CPE) identifiers, and the associated Common Vulnerability and Exposure (CVE) entries.

dependency-check-gradle · The OWASP dependency-check Gradle plugin is a software composition analysis tool used to find known vulnerable dependencies.

OWASP Security Logging · The OWASP Security Logging project provides developers and ops personnel with APIs for logging security-related events.

OWASP Security Logging Log4j · The OWASP Security Logging project provides developers and ops personnel with APIs for logging security-related events.

Dependency-Check · dependency-check is a utility that identifies project dependencies and checks if there are any known, publicly disclosed vulnerabilities. This tool can be part of the solution to the OWASP Top 10 2013: A9 - Using Components with Known Vulnerabilities.

url-classifier · Declarative syntax for defining sets of URLs. No need for error-prone regexes.

OWASP Java File IO · The OWASP Java File I/O Security Project provides an easy-to-use library for validating and sanitizing filenames, directory paths, and uploaded files.

Dependency-Check Command Line · dependency-check-cli is a command line tool that uses dependency-check-core to detect publicly disclosed vulnerabilities associated with the scanned project dependencies. The tool will generate a report listing the dependency, any identified Common Platform Enumeration (CPE) identifiers, and the associated Common Vulnerability and Exposure (CVE) entries.



OWASP CSRFGuard Parent POM · OWASP CSRFGuard is a library that implements a variant of the synchronizer token pattern to mitigate the risk of Cross-Site Request Forgery (CSRF) attacks.


OWASP CSRFGuard Extensions Parent POM · Extension modules that might be required, depending on whether the architecture of the integrator application is stateful or stateless.

OWASP CSRFGuard Session extension · Provides support for stateful, HTTP session-based integrator applications.

OWASP Application Gateway · An elephant-strong web application gateway that handles OAuth2 authentication and session management.