OWASP BLT Project

🔒 OWASP-Wich

OWASP Project Compliance Checker

Check GitHub repositories against OWASP standards and best practices

Optional: GitHub Token (for higher rate limits)

Without a token: 60 requests/hour
With a token: 5,000 requests/hour

About OWASP-Wich

This tool evaluates 100 compliance points across 10 key categories to ensure your GitHub repository meets OWASP quality, security, and governance standards.

General Compliance & Governance (10 points): Project structure, licensing, and governance
Documentation & Usability (10 points): README, guides, and user documentation
Code Quality & Best Practices (10 points): Code standards and maintainability
Security & OWASP Compliance (15 points): Security practices and OWASP standards
CI/CD & DevSecOps (10 points): Automation and security integration
Testing & Validation (10 points): Test coverage and quality
Performance & Scalability (10 points): Performance optimization
Logging & Monitoring (10 points): Observability and logging practices
Community & Support (10 points): Community engagement and support
Legal & Compliance (5 points): Licensing and legal compliance
