Awareness Tool
Security Checklist
Tell us what you're building. Get a tailored OWASP-based checklist, mark what's done, and see exactly where your gaps are.
1 What are you building?
2 Review checklist
3 Your risk score
Select everything that applies to your project (choose at least one):
Checklist FAQ
Each item maps to OWASP guidelines, primarily the OWASP Top 10 (2021) and OWASP ASVS (Application Security Verification Standard) Level 1. These are the most widely adopted security benchmarks for web applications.
No. Everything runs in your browser. Nothing is sent to any server. Refreshing the page resets it.
A checklist is a starting point, not a guarantee. It covers the most common attack vectors but does not replace a professional security review, penetration test, or threat model for high-risk applications.
Critical items are vulnerabilities that are actively exploited in the wild and can lead to full account takeover, data breach, or remote code execution. Fix these first before anything else.