- OWASP Top 10 - 2007 Edition
- OWASP Testing Guide v2.0 and OWASP Testing Guide (Paperback)
- OWASP Code Review
- OWASP Secure Software Contract Annex v1.0
- OWASP Application Security Verification Standard
- OWASP Ruby on Rails Security Guide
- Securing WebGoat using ModSecurity
- OWASP APPSENSOR
- OWASP Backend Security
- in Spanish
- OWASP Top10 - Legal - FAQ (Espanol)
- OWASP Testing Guide v2.0 (Guia de Pruebas)
- OWASP Development Guide (Guia De Desarrollo) v2.0.1
- in Portuguese
- non-OWASP branded:
- OWASP Top10 - Testing - Legal 07
- OWASP Developers Guide v2.0 (2005) (quite old now)
- OWASP CLASP v1.2 (quite old now)
- OWASP WebGoat and WebScarab
- OWASP World (Nov 2007)
- OWASP ASDR Application Security Desk Reference - SoC2008 (Alpha)
- OWASP Evaluation And Certification Criteria
- OWASP Code Review - 2008 (RC2)
- OWASP SpoC 2007
- OWASP Top 10 - Ruby on Rails version
Humm, there is a number of books that really shouldn't be there, we actually need to get a better grip on this books.
There is a lot of potential here, and it would be great to expose more people to these books. I also would like to see more books created from OWASP materials and for presentations done at OWASP Conferences and Chapters
We need more help in managing these books and the publishing process, anybody wants to help? (here is the OWASP books page at the OWASP WIKI)
Dinis Cruz