http://webgoat.googlecode.com/svn/trunk/webgoat/src/main/webapp/images/header/header.jpg =Overview= *WebGoat* is a deliberately insecure J2EE web application designed to teach web application security lessons. In each lesson, users must demonstrate their understanding of a security issue by exploi...

<strong>OWASP ESAPI for Java: Strong, Simple Security Controls for Java Developers</strong> Don’t write your own security controls! Reinventing the wheel when it comes to developing security controls for every web application or web service leads to wasted time and massive security holes. The OW...

*OWASP ESAPI for PHP: Strong, Simple Security Controls for PHP Developers* Don’t write your own security controls! Reinventing the wheel when it comes to developing security controls for every web application or web service leads to wasted time and massive security holes. The OWASP Enterprise Sec...

The purpose of the ESAPI is to provide a simple interface that provides all the security functions a developer is likely to need in a clear, consistent, and easy to use way. The ESAPI architecture is very simple, just a collection of classes that encapsulate the key security operations most applicat...

The purpose of the .NET ESAPI is to provide a simple interface that provides all the ordinary security functions a developer is likely to need in a clear, consistent, and easy to use way. The .NET ESAPI architecture is very simple, just a collection of classes that encapsulate the key security op...

The ESAPI Swingset is a web application which demonstrates the many uses of the Enterprise Security API (ESAPI)