GitHub

Offensive Web Testing Framework (OWTF)

OWASP OWTF helps penetration testers stay efficient and aligned with security standards such as the OWASP Testing Guide (v3 and v4), the OWASP Top 10, PTES, and NIST so that they have more time to: ...
IEEE

Automated Penetration Testing Architecture Using Metasploit and OWASP ZAP for Web Applications

Abstract: This research study introduces an innovative approach to fortify web application security through the utilization of automated penetration testing architecture. While leveraging the robust ...
Bleeping Computer

The Real-World Attacks Behind OWASP Agentic AI Top 10

OWASP just released the Top 10 for Agentic Applications 2026 - the first security framework dedicated to autonomous AI agents. We've been tracking threats in this space for over a year. Two of our ...
IEEE

IEEE Communications Surveys and Tutorials

Abstract: I welcome you to the fourth issue of the IEEE Communications Surveys and Tutorials in 2021. This issue includes 23 papers covering different aspects of communication networks. In particular, ...
TechRepublic

OWASP Drops First AI Agent Risk List

These aren't simple chatbots anymore—these AI agents access data and tools and carry out tasks, making them infinitely more capable and dangerous. Image: Envato After months of organizations deploying ...
CSOonline

Managing agentic AI risk: Lessons from the OWASP Top 10

Agentic AI is being adopted fast by enterprises, propelled by an explosion of use cases, but security, as always, is lagging. The OWASP Top 10 for Agentic AI can help close that gap. LLM-powered ...
GitHub

Hunt every Endpoint in your code, expose Shadow APIs, map the Attack Surface.

Noir bridges the gap between SAST and DAST by analyzing source code to generate accurate, authenticated endpoint inventories. It detects what others miss: shadow APIs, deprecated endpoints, and hidden ...