IDORSSRFAUTH BYPASSJWT FORGERYRACE CONDITIONXXEBROKEN OBJECT-LEVEL AUTHPRIVILEGE ESCALATIONMASS ASSIGNMENTGRAPHQL INTROSPECTION ABUSEIDORSSRFAUTH BYPASSJWT FORGERYRACE CONDITIONXXEBROKEN OBJECT-LEVEL AUTHPRIVILEGE ESCALATIONMASS ASSIGNMENTGRAPHQL INTROSPECTION ABUSE
Impactr Logoimpactr
FeaturesHow it worksEvidencePricingLearnCompare
  1. Home
  2. Glossary
  3. OWASP

Frameworks & standards

OWASP

Open Worldwide Application Security Project

The Open Worldwide Application Security Project (OWASP) is a nonprofit foundation that produces freely available application-security resources, including the OWASP Top 10, the API Security Top 10, the ASVS, and many tools. Its lists are widely used as baselines for what application and API security testing should cover.

Key points

  • Community-driven, vendor-neutral AppSec resources.
  • Publishes the Top 10, API Top 10, ASVS, and more.
  • Widely referenced as coverage baselines.

Related

CWECVECAPEC

References

  • OWASP

Impactr is an autonomous AI penetration testing platform - it investigates, chains, and proves web and API vulnerabilities with reproducible evidence.

Join the waitlist
← All terms
Impactr Logoimpactr

Built by hackers, for the code you ship. Autonomous AI penetration testing for modern web apps and APIs.

© 2026 Impactr

Product

FeaturesCoverageUse casesEvidencePricingWaitlist

Resources

VulnerabilitiesGuidesComparisonsGlossaryCWE databaseBy industryBy languageHTTP status codesSecurity headers

Company

ContactTwitterLinkedInGitHub