OWASP is moving to a 'web first' philosphy and moving away from downloads. We will still be providing PDF and ePub, but the emphasis will be on providing web page documents.
This means that OWASP project page is now the source of the document.
The draft version 3.0 of this repo is now work-in-progress under draft
in the OWASP project pages.
This migration is now complete and this repo has been archived as Read Only.
Thank you for your interest in the OWASP Developer Guide, the first major Open Web Application Security Project (OWASP) Document.
This is the development version of the OWASP Developer Guide, and will be converted into PDF & MediaWiki for publishing when complete.
This repository is the current development master: version 3.0.
Current stable is version 2.0.1 and is the recommended version for reading until 3.0 becomes more complete.
See our our wiki, FAQ page, and Road Map for more information.
For a pleasant reading experience, use GitBook to turn this document into a PDF, e-book, website, etc.
Our wiki contains more information about the project's background and purpose. This will be updated here first then ported over to the official OWASP.org wiki.
You do not have to be a security expert in order to contribute!
Some of the ways you can help:
You can join in the conversation on the mailing list.
We also discuss a fair amount about the OWASP Guide on Google+
Please contact the Project Leads: Steven van der Baan or Brad Chesney for any queries about this edition.