OWASP NINJA-PingU is a high performance network scanner tool for large scale analyses. It has been designed with performance as its primary goal and developed as a framework to allow easy plugin integration. For more information on OWASP NINJA-PingU, check out the project’s wiki page here: https://www.owasp.org/index.php/OWASP_NINJA_PingU_Project
OWASP PCI Toolkit is a c# Windows form project, that will help you to scope the PCI-DSS requirements for your System Components. Beta version of this tool will be released May 2014. The OWASP PCI Toolkit page can be found here: https://www.owasp.org/index.php/Category:OWASP_PCI_Project
Hackademic Challenges Project implements realistic scenarios with known vulnerabilities in a safe, controllable environment. Users can attempt to discover and exploit these vulnerabilities in order to learn important concepts of information security through the attacker's perspective. Currently, there are 10 web application security scenarios available. https://www.owasp.org/index.php/OWASP_Hackademic_Challenges_Project
OWASP WTE is an enhancement of the original OWASP Live CD Project and expands the offering from a static Live CD ISO image to a collection of sub-projects. Its primary goal is to make application security tools and documentation easily available and easy to use. More information on the OWASP WTE project can be found here: https://www.owasp.org/index.php/OWASP_Web_Testing_Environment_Project
OWASP ZAP, or Zed Attack Proxy is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. More information on OWASP ZAP can be found on the project page here: https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
OWASP Bywaf, a web application penetration testing framework (WAPTF). It consists of a command-line interpreter and a set of plugins. More information on OWASP Bywaf can be found on the project’s wiki page here: https://www.owasp.org/index.php/OWASP_Bywaf_ProjectWebGoatPHP is a deliberately insecure web application developed using PHP to teach web application security. It offers a set of challenges based on various vulnerabilities listed in OWASP. In each challenge the user must exploit the real vulnerability to demonstrate their understanding. The application is a realistic teaching environment and supports four different modes.This projetc is part of the PHP security framework, sponsored by Google Summer of Code 2014.