This project aims to develop Nuclei templates for evaluating OWASP Application Security Verification Standard (ASVS) on websites and will involve creating templates that can be used to evaluate ASVS on websites, documenting the use of the templates, and designing and implementing a user interface for easy navigation and use of the templates.
The goal is to provide security professionals with an easy-to-use set of tools to test their web applications and identify potential vulnerabilities.
- Since the implementation methods and frameworks used in web application design are very diverse, in this project we will consider the existing best practice designs and develop nuclei templates based on them :)
- Also while these Nuclei templates are designed to help automate the process of evaluating web applications against ASVS requirements, they should not be considered a substitute for manual testing or other security best practices.
- Some templates are developed for a limited or specific scenario and should be modified and perfected according to the needs of the evaluator/user.
This program is free software: You can redistribute it and/or modify it under the terms of the MIT License.
Contributions to this repository are welcome and encouraged. If you have created new Nuclei templates that evaluate additional ASVS requirements or have any idea about current templates, we'd love to hear from you in project Github Discussions or our Slack channel.
For detailed information and guidelines about contributing in developing template for ASVS evaluation, please check CONTRIBUTING.md
The project current core team are:
- Hamed Salimain (Project Leader)