This repository was archived by the owner on Apr 8, 2025. It is now read-only.

ShiftLeftSecurity / Benchmark Public archive

forked from OWASP-Benchmark/BenchmarkJava

Notifications You must be signed in to change notification settings
Fork 388
Star 4

OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools.

www.owasp.org/index.php/Benchmark

GPL-2.0 license

4 stars 1.3k forks Branches Tags Activity

Star

Notifications

Branches Tags

Name		Name	Last commit message	Last commit date
Latest commit History 6 Commits
src/main		src/main
LICENSE		LICENSE
README.md		README.md
benchmarktestcases.xls		benchmarktestcases.xls
expectedresults-1.1.csv		expectedresults-1.1.csv
pom.xml		pom.xml

Repository files navigation

webgoat-benchmark

The OWASP WebGoat Benchmark Edition (WBE) is a Java test suite designed to verify the speed and accuracy of vulnerability detection tools. The initial version is intended to support Static Analysis Security Testing Tools (SAST) and Interactive Analysis Security Testing Tools (IAST). A future release will support Dynamic Analysis Security Testing Tools (DAST), like OWASP ZAP. The goal is that this test application is fully runnable and all the vulnerabilities are actually exploitable so its a fair test for any kind of application vulnerability detection tool.

The project documentation is all on the OWASP site at the OWASP WebGoat Benchmark Edition project pages. Please refer to that site for all the project details.