Offensive Web Testing Framework
OWASP OWTF is a project that aims to make security assessments as efficient as possible by automating the manual, uncreative part of pen testing. It provides out-of-the-box support for the OWASP Testing Guide and the NIST and PTES standards.
Easy to Use
Unites popular tools
Use OWTF anywhere!
Fastest Python MiTM proxy yet!
Comprehensive interactive report at end of each scan
Easy plugin-based system; currently 100+ plugins!
CLI and web interface
Video: Release preview
Getting started with OWTF!
pip install git+https://github.com/owtf/owtf#egg=owtf, or clone the repo and run python setup.py install
To run OWTF on Windows or macOS, use the provided Dockerfile (requires Docker to be installed):
make docker-build && make docker-run
- Create a virtualenv (virtualenv env) and activate it
- Install and run OWTF.
cd owtf/; python setup.py develop && python -m owtf
- Open localhost:8009 for the OWTF web interface.