https://github.com/OWASP/wstg.git
· scanned 2026-05-16 11:56 UTC (3 weeks, 3 days ago)
· 10 languages
10 raw signals (4 security + 6 graph) 85th percentile · Python · tiny (<2K LoC) System graph score 98 (lower by 24)
Last scanned 3 weeks, 3 days ago · v1 · 3 actionable findings from 1 signal source. Security checks, system graph analysis, and verified AI-agent feedback are merged into one review queue.
All 356 nodes from the latest scan, grouped by kind. Each node is a unit the engine identified (file, function, endpoint, table…). Most users won't need this view — it's primarily for debugging the engine's graph extraction or for AI agents that want to enumerate the project structure.
| Label | Layer | Status | Path |
|---|---|---|---|
REST_CS_Migrate.md |
software | healthy | REST_CS_Migrate.md |
style_guide.md |
software | healthy | style_guide.md |
README.md |
software | healthy | README.md |
Testing_for_APIs.md |
software | healthy | Testing_for_APIs.md |
CONTRIBUTING.md |
software | healthy | CONTRIBUTING.md |
CODE_OF_CONDUCT.md |
software | healthy | CODE_OF_CONDUCT.md |
SECURITY.md |
software | healthy | SECURITY.md |
README.md |
software | healthy | document/README.md |
README.md |
software | healthy | document/2-Introduction/README.md |
README.md |
software | healthy | document/1-Frontispiece/README.md |
README.md |
software | healthy | document/3-The_OWASP_Testing_Framework/README.md |
0-The_Web_Security_Testing_Framework.md |
software | healthy | document/3-The_OWASP_Testing_Framework/0-The_Web_Security_T… |
1-Penetration_Testing_Methodologies.md |
software | healthy | document/3-The_OWASP_Testing_Framework/1-Penetration_Testin… |
02-Naming_Schemes.md |
software | healthy | document/5-Reporting/02-Naming_Schemes.md |
README.md |
software | healthy | document/5-Reporting/README.md |
01-Reporting_Structure.md |
software | healthy | document/5-Reporting/01-Reporting_Structure.md |
README.md |
software | healthy | document/4-Web_Application_Security_Testing/README.md |
04-Testing_for_Account_Enumeration_and_Guessable_User_Accou… |
software | healthy | document/4-Web_Application_Security_Testing/03-Identity_Man… |
README.md |
software | healthy | document/4-Web_Application_Security_Testing/03-Identity_Man… |
01-Test_Role_Definitions.md |
software | healthy | document/4-Web_Application_Security_Testing/03-Identity_Man… |
02-Test_User_Registration_Process.md |
software | healthy | document/4-Web_Application_Security_Testing/03-Identity_Man… |
05-Testing_for_Weak_or_Unenforced_Username_Policy.md |
software | healthy | document/4-Web_Application_Security_Testing/03-Identity_Man… |
03-Test_Account_Provisioning_Process.md |
software | healthy | document/4-Web_Application_Security_Testing/03-Identity_Man… |
03-Testing_for_HTML_Injection.md |
software | healthy | document/4-Web_Application_Security_Testing/11-Client-side_… |
01.1-Testing_for_Self_DOM_Based_Cross_Site_Scripting.md |
software | healthy | document/4-Web_Application_Security_Testing/11-Client-side_… |
09-Testing_for_Clickjacking.md |
software | healthy | document/4-Web_Application_Security_Testing/11-Client-side_… |
01-Testing_for_DOM-based_Cross_Site_Scripting.md |
software | healthy | document/4-Web_Application_Security_Testing/11-Client-side_… |
README.md |
software | healthy | document/4-Web_Application_Security_Testing/11-Client-side_… |
07-Testing_Cross_Origin_Resource_Sharing.md |
software | healthy | document/4-Web_Application_Security_Testing/11-Client-side_… |
06-Testing_for_Client-side_Resource_Manipulation.md |
software | healthy | document/4-Web_Application_Security_Testing/11-Client-side_… |
05-Testing_for_CSS_Injection.md |
software | healthy | document/4-Web_Application_Security_Testing/11-Client-side_… |
04-Testing_for_Client-side_URL_Redirect.md |
software | healthy | document/4-Web_Application_Security_Testing/11-Client-side_… |
10-Testing_WebSockets.md |
software | healthy | document/4-Web_Application_Security_Testing/11-Client-side_… |
02-Testing_for_JavaScript_Execution.md |
software | healthy | document/4-Web_Application_Security_Testing/11-Client-side_… |
12-Testing_Browser_Storage.md |
software | healthy | document/4-Web_Application_Security_Testing/11-Client-side_… |
11-Testing_Web_Messaging.md |
software | healthy | document/4-Web_Application_Security_Testing/11-Client-side_… |
08-Testing_for_Cross_Site_Flashing.md |
software | healthy | document/4-Web_Application_Security_Testing/11-Client-side_… |
15-Testing_for_Client-Side_Template_Injection.md |
software | healthy | document/4-Web_Application_Security_Testing/11-Client-side_… |
13-Testing_for_Cross_Site_Script_Inclusion.md |
software | healthy | document/4-Web_Application_Security_Testing/11-Client-side_… |
14-Testing_for_Reverse_Tabnabbing.md |
software | healthy | document/4-Web_Application_Security_Testing/11-Client-side_… |
09-Testing_for_Weak_Password_Change_or_Reset_Functionalitie… |
software | healthy | document/4-Web_Application_Security_Testing/04-Authenticati… |
04-Testing_for_Bypassing_Authentication_Schema.md |
software | healthy | document/4-Web_Application_Security_Testing/04-Authenticati… |
02-Testing_for_Default_Credentials.md |
software | healthy | document/4-Web_Application_Security_Testing/04-Authenticati… |
README.md |
software | healthy | document/4-Web_Application_Security_Testing/04-Authenticati… |
10-Testing_for_Weaker_Authentication_in_Alternative_Channel… |
software | healthy | document/4-Web_Application_Security_Testing/04-Authenticati… |
07-Testing_for_Weak_Authentication_Methods.md |
software | healthy | document/4-Web_Application_Security_Testing/04-Authenticati… |
06-Testing_for_Browser_Cache_Weaknesses.md |
software | healthy | document/4-Web_Application_Security_Testing/04-Authenticati… |
03-Testing_for_Weak_Lock_Out_Mechanism.md |
software | healthy | document/4-Web_Application_Security_Testing/04-Authenticati… |
05-Testing_for_Vulnerable_Remember_Password.md |
software | healthy | document/4-Web_Application_Security_Testing/04-Authenticati… |
11-Testing_Multi-Factor_Authentication.md |
software | healthy | document/4-Web_Application_Security_Testing/04-Authenticati… |
Showing first 50 of this kind. Full payload available via the JSON button at the top of the page.
| Label | Layer | Status | Path |
|---|---|---|---|
get_concurrency_limit |
software | healthy | .github/json/scripts/generate_checklist_json.py:56 |
emit_markdown_report |
software | healthy | .github/json/scripts/generate_checklist_json.py:72 |
__init__ |
software | healthy | .github/json/scripts/generate_checklist_json.py:90 |
fetch_json_with_retry |
software | healthy | .github/json/scripts/generate_checklist_json.py:95 |
extract_cre_ids |
software | healthy | .github/json/scripts/generate_checklist_json.py:148 |
_opencre_coerce_total_pages |
software | healthy | .github/json/scripts/generate_checklist_json.py:182 |
fetch_mapping |
software | dead | .github/json/scripts/generate_checklist_json.py:210 |
_cre_ids_map_from_categories |
software | healthy | .github/json/scripts/generate_checklist_json.py:236 |
load_existing_cre_ids |
software | healthy | .github/json/scripts/generate_checklist_json.py:266 |
collect_cre_ids_by_test_id |
software | healthy | .github/json/scripts/generate_checklist_json.py:283 |
_format_cre_ids_cell |
software | healthy | .github/json/scripts/generate_checklist_json.py:294 |
_sort_test_ids_guide_order |
software | healthy | .github/json/scripts/generate_checklist_json.py:301 |
collect_test_names_by_id |
software | healthy | .github/json/scripts/generate_checklist_json.py:306 |
_cre_row_status |
software | healthy | .github/json/scripts/generate_checklist_json.py:328 |
_cre_status_display |
software | healthy | .github/json/scripts/generate_checklist_json.py:343 |
enrich_with_opencre |
software | healthy | .github/json/scripts/generate_checklist_json.py:349 |
category_label_from_dirname |
software | healthy | .github/json/scripts/generate_checklist_json.py:418 |
wstg_id_from_table_line |
software | healthy | .github/json/scripts/generate_checklist_json.py:436 |
category_wstg_id_from_intro |
software | healthy | .github/json/scripts/generate_checklist_json.py:447 |
title_from_h1_prefix |
software | healthy | .github/json/scripts/generate_checklist_json.py:461 |
is_removed_placeholder_document |
software | healthy | .github/json/scripts/generate_checklist_json.py:467 |
_nonblank_lines_in_objectives_section |
software | healthy | .github/json/scripts/generate_checklist_json.py:476 |
extract_test_objectives |
software | healthy | .github/json/scripts/generate_checklist_json.py:499 |
first_wstg_id_in_document |
software | healthy | .github/json/scripts/generate_checklist_json.py:524 |
reference_url |
software | healthy | .github/json/scripts/generate_checklist_json.py:532 |
_objectives_are_empty_or_blank |
software | healthy | .github/json/scripts/generate_checklist_json.py:536 |
_empty_objective_entries |
software | healthy | .github/json/scripts/generate_checklist_json.py:542 |
_write_empty_objectives_report |
software | healthy | .github/json/scripts/generate_checklist_json.py:562 |
_cre_guide_status_table_rows |
software | healthy | .github/json/scripts/generate_checklist_json.py:590 |
_write_cre_opencre_summary_report |
software | healthy | .github/json/scripts/generate_checklist_json.py:612 |
pipe_escape |
software | healthy | .github/json/scripts/generate_checklist_json.py:692 |
build_checklist |
software | healthy | .github/json/scripts/generate_checklist_json.py:738 |
main |
software | healthy | .github/json/scripts/generate_checklist_json.py:781 |
read_lint_file |
software | healthy | .github/workflows/scripts/format_lint_output.py:14 |
parse_error_line |
software | healthy | .github/workflows/scripts/format_lint_output.py:28 |
extract_error_count |
software | healthy | .github/workflows/scripts/format_lint_output.py:49 |
parse_lint_output |
software | healthy | .github/workflows/scripts/format_lint_output.py:63 |
format_error_line |
software | healthy | .github/workflows/scripts/format_lint_output.py:129 |
format_file_block |
software | healthy | .github/workflows/scripts/format_lint_output.py:145 |
generate_formatted_output |
software | healthy | .github/workflows/scripts/format_lint_output.py:166 |
generate_fallback_output |
software | healthy | .github/workflows/scripts/format_lint_output.py:196 |
main |
software | healthy | .github/workflows/scripts/format_lint_output.py:218 |
set_version |
software | healthy | .github/xlsx/scripts/build-checklist.py:15 |
sha256file |
software | healthy | .github/xlsx/scripts/build-checklist.py:21 |
copy_cell |
software | healthy | .github/xlsx/scripts/build-checklist.py:30 |
lines_of_text |
software | healthy | .github/xlsx/scripts/build-checklist.py:39 |
copy_row |
software | healthy | .github/xlsx/scripts/build-checklist.py:46 |
set_sheet_title |
software | healthy | .github/xlsx/scripts/build-checklist.py:53 |
insert_new_header |
software | healthy | .github/xlsx/scripts/build-checklist.py:56 |
insert_new_item |
software | healthy | .github/xlsx/scripts/build-checklist.py:65 |
Showing first 50 of this kind. Full payload available via the JSON button at the top of the page.
| Label | Layer | Status | Path |
|---|---|---|---|
document |
software | healthy | document |
2-Introduction |
software | healthy | document/2-Introduction |
1-Frontispiece |
software | healthy | document/1-Frontispiece |
3-The_OWASP_Testing_Framework |
software | healthy | document/3-The_OWASP_Testing_Framework |
5-Reporting |
software | healthy | document/5-Reporting |
4-Web_Application_Security_Testing |
software | healthy | document/4-Web_Application_Security_Testing |
03-Identity_Management_Testing |
software | healthy | document/4-Web_Application_Security_Testing/03-Identity_Man… |
11-Client-side_Testing |
software | healthy | document/4-Web_Application_Security_Testing/11-Client-side_… |
04-Authentication_Testing |
software | healthy | document/4-Web_Application_Security_Testing/04-Authenticati… |
06-Session_Management_Testing |
software | healthy | document/4-Web_Application_Security_Testing/06-Session_Mana… |
09-Testing_for_Weak_Cryptography |
software | healthy | document/4-Web_Application_Security_Testing/09-Testing_for_… |
10-Business_Logic_Testing |
software | healthy | document/4-Web_Application_Security_Testing/10-Business_Log… |
08-Testing_for_Error_Handling |
software | healthy | document/4-Web_Application_Security_Testing/08-Testing_for_… |
00-Introduction_and_Objectives |
software | healthy | document/4-Web_Application_Security_Testing/00-Introduction… |
01-Information_Gathering |
software | healthy | document/4-Web_Application_Security_Testing/01-Information_… |
02-Configuration_and_Deployment_Management_Testing |
software | healthy | document/4-Web_Application_Security_Testing/02-Configuratio… |
05-Authorization_Testing |
software | healthy | document/4-Web_Application_Security_Testing/05-Authorizatio… |
07-Input_Validation_Testing |
software | healthy | document/4-Web_Application_Security_Testing/07-Input_Valida… |
12-API_Testing |
software | healthy | document/4-Web_Application_Security_Testing/12-API_Testing |
6-Appendix |
software | healthy | document/6-Appendix |
0-Foreword |
software | healthy | document/0-Foreword |
checklists |
software | healthy | checklists |
template |
software | healthy | template |
999-Foo_Testing |
software | healthy | template/999-Foo_Testing |
.github |
software | healthy | .github |
ISSUE_TEMPLATE |
software | healthy | .github/ISSUE_TEMPLATE |
json |
software | healthy | .github/json |
scripts |
software | healthy | .github/json/scripts |
epub |
software | healthy | .github/epub |
scripts |
software | healthy | .github/epub/scripts |
assets |
software | healthy | .github/epub/assets |
www |
software | healthy | .github/www |
latest |
software | healthy | .github/www/latest |
assets |
software | healthy | .github/www/assets |
stable |
software | healthy | .github/www/stable |
v43 |
software | healthy | .github/www/v43 |
v41 |
software | healthy | .github/www/v41 |
v42 |
software | healthy | .github/www/v42 |
workflows |
software | healthy | .github/workflows |
scripts |
software | healthy | .github/workflows/scripts |
xlsx |
software | healthy | .github/xlsx |
scripts |
software | healthy | .github/xlsx/scripts |
actions |
software | healthy | .github/actions |
get-changed-files |
software | healthy | .github/actions/get-changed-files |
pdf |
software | healthy | .github/pdf |
scripts |
software | healthy | .github/pdf/scripts |
assets |
software | healthy | .github/pdf/assets |
configs |
software | healthy | .github/configs |
| Label | Layer | Status | Path |
|---|---|---|---|
lint |
cicd | healthy | .github/workflows/md-lint-check.yml |
build |
cicd | healthy | .github/workflows/build-ebooks.yml |
release |
cicd | healthy | .github/workflows/build-ebooks.yml |
link-check |
cicd | healthy | .github/workflows/md-link-check.yml |
create_pr |
cicd | healthy | .github/workflows/www_stable_update.yml |
textlint |
cicd | healthy | .github/workflows/md-textlint-check.yml |
create_pr |
cicd | healthy | .github/workflows/www_latest_update.yml |
create_pr |
cicd | healthy | .github/workflows/build-checklists.yml |
comment |
cicd | healthy | .github/workflows/comment.yml |
Delete_Runs |
cicd | healthy | .github/workflows/clean-workflow-runs.yml |
link-check |
cicd | healthy | .github/workflows/md-link-check-full.yml |
lint |
cicd | healthy | .github/workflows/dummy.yml |
| Label | Layer | Status | Path |
|---|---|---|---|
gha::md-lint-check |
cicd | healthy | .github/workflows/md-lint-check.yml |
gha::build-ebooks |
cicd | healthy | .github/workflows/build-ebooks.yml |
gha::md-link-check |
cicd | healthy | .github/workflows/md-link-check.yml |
gha::www_stable_update |
cicd | healthy | .github/workflows/www_stable_update.yml |
gha::md-textlint-check |
cicd | healthy | .github/workflows/md-textlint-check.yml |
gha::www_latest_update |
cicd | healthy | .github/workflows/www_latest_update.yml |
gha::build-checklists |
cicd | healthy | .github/workflows/build-checklists.yml |
gha::comment |
cicd | healthy | .github/workflows/comment.yml |
gha::clean-workflow-runs |
cicd | healthy | .github/workflows/clean-workflow-runs.yml |
gha::md-link-check-full |
cicd | healthy | .github/workflows/md-link-check-full.yml |
gha::dummy |
cicd | healthy | .github/workflows/dummy.yml |
| Label | Layer | Status | Path |
|---|---|---|---|
GDRIVESETTINGSFILE |
cicd | healthy | — |
GITHUB_TOKEN |
cicd | healthy | — |
GDRIVEFILEID |
cicd | healthy | — |
GDRIVECREDSFILE |
cicd | healthy | — |
| Label | Layer | Status | Path |
|---|---|---|---|
repobility-clone-mjg_koep |
software | healthy | /tmp/repobility-clone-mjg_koep |
| Label | Layer | Status | Path |
|---|---|---|---|
OpenCRELookupError |
software | healthy | .github/json/scripts/generate_checklist_json.py:87 |
| Label | Layer | Status | Path |
|---|---|---|---|
137.0.0.0 |
network | healthy | .github/json/scripts/generate_checklist_json.py |
| Label | Layer | Status | Path |
|---|---|---|---|
nginx |
network | healthy | .github/configs/.textlintrc.json |
| Label | Layer | Status | Path |
|---|---|---|---|
auth::checklists/checklist.json |
security | healthy | checklists/checklist.json |
This page is publicly accessible at:
https://repobility.com/scan/382bc0d8-e988-4dc6-ab92-f0bb5c90eca4/
To check status programmatically (no auth required):
curl -s https://repobility.com/api/v1/public/scan/382bc0d8-e988-4dc6-ab92-f0bb5c90eca4/Important — please don't re-submit the same URL repeatedly. The submission endpoint is idempotent: re-submitting the same git URL returns this same scan_token, not a new one. To re-scan this repo, sign up free and use the dashboard.