{"id":24414848,"url":"https://github.com/andifalk/asvs-testing","last_synced_at":"2026-04-29T02:32:38.314Z","repository":{"id":209178481,"uuid":"723413898","full_name":"andifalk/ASVS-Testing","owner":"andifalk","description":"Use the OWASP Application Security Verification Standard as a Guide for Automated Unit and Integration Tests","archived":false,"fork":false,"pushed_at":"2023-11-26T22:03:20.000Z","size":74,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-01-20T07:19:37.564Z","etag":null,"topics":["asvs","java","owasp","requirements","security","test-automation","testing"],"latest_commit_sha":null,"homepage":"https://github.com/OWASP/ASVS","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/andifalk.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2023-11-25T15:38:42.000Z","updated_at":"2023-11-25T16:23:22.000Z","dependencies_parsed_at":"2023-12-14T23:11:48.184Z","dependency_job_id":"f48def30-d0ea-4028-a471-ef7d0b9872c3","html_url":"https://github.com/andifalk/ASVS-Testing","commit_stats":{"total_commits":7,"total_committers":2,"mean_commits":3.5,"dds":0.2857142857142857,"last_synced_commit":"45cb6b76cf729d851f760e2f47a41aad74c92d04"},"previous_names":["andifalk/asvs-testing"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/andifalk%2FASVS-Testing","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/andifalk%2FASVS-Testing/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/andifalk%2FASVS-Testing/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/andifalk%2FASVS-Testing/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/andifalk","download_url":"https://codeload.github.com/andifalk/ASVS-Testing/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243392327,"owners_count":20283565,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["asvs","java","owasp","requirements","security","test-automation","testing"],"created_at":"2025-01-20T07:19:37.094Z","updated_at":"2025-12-29T02:39:54.182Z","avatar_url":"https://github.com/andifalk.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# ASVS-Testing\n\nUse the OWASP Application Security Verification Standard as a Guide for Automated Unit and Integration Tests\n\n\n\n### V1 Architecture, Design and Threat Modeling\n\nThis section cannot be tested automatically\n\n### V2 Authentication\n\n|       Requirements Subsection       |               Requirement(s)                |          Test Class           |    Test Type     |\n|:-----------------------------------:|:-------------------------------------------:|:-----------------------------:|:----------------:|\n|       V2.1 Password Security        | 2.1.1, 2.1.2, 2.1.3\u003cbr/\u003e2.1.4, 2.1.7, 2.1.9 |      PasswordPolicyTest       |    Unit Test     |\n|       V2.1 Password Security        |                2.1.5, 2.1.6                 | ChangePasswordIntegrationTest | Integration Test |\n|       V2.1 Password Security        |            2.1.8, 2.1.11, 2.1.12            |              --               |     UI Test      |\n| V2.2 General Authenticator Security |            2.1.8, 2.1.11, 2.1.12            |              --               |     UI Test      |\n|    V2.3 Authenticator Lifecycle     |            2.1.8, 2.1.11, 2.1.12            |              --               |     UI Test      |\n|       V2.4 Credential Storage       |        2.4.1, 2.4.2\u003cbr/\u003e2.4.4, 2.4.5        |              --               | Integration Test |\n|      V2.5 Credential Recovery       |        2.5.1, 2.4.2\u003cbr/\u003e2.4.4, 2.4.5        |              --               | Integration Test |\n\n### V3 Session Management\n\n|           Requirements Subsection            | Requirement(s) | Test Class |     Test Type     |\n|:--------------------------------------------:|:--------------:|:----------:|:-----------------:|\n| V3.1 Fundamental Session Management Security |     3.1.1      |     --     |     Unit Test     |\n|             V3.2 Session Binding             |  3.2.1, 3.2.2  |     --     | Integration Test  |\n|     V3.3 Session Termination                 | 3.3.1 - 3.3.4  |  --        | Integration Test  |\n\n\n### V4 Access Control\n\n|       Requirements Subsection       |               Requirement(s)                |           Test Class            |    Test Type     |\n|:-----------------------------------:|:-------------------------------------------:|:-------------------------------:|:----------------:|\n|       V2.1 Password Security        | 2.1.1, 2.1.2, 2.1.3\u003cbr/\u003e2.1.4, 2.1.7, 2.1.9 |       PasswordPolicyTest        |    Unit Test     |\n\n### V5 Validation, Sanitization and Encoding\n\n|       Requirements Subsection       |               Requirement(s)                |           Test Class            |    Test Type     |\n|:-----------------------------------:|:-------------------------------------------:|:-------------------------------:|:----------------:|\n|       V2.1 Password Security        | 2.1.1, 2.1.2, 2.1.3\u003cbr/\u003e2.1.4, 2.1.7, 2.1.9 |       PasswordPolicyTest        |    Unit Test     |\n\n### V6 Stored Cryptography\n\n|       Requirements Subsection       |               Requirement(s)                |           Test Class            |    Test Type     |\n|:-----------------------------------:|:-------------------------------------------:|:-------------------------------:|:----------------:|\n|       V2.1 Password Security        | 2.1.1, 2.1.2, 2.1.3\u003cbr/\u003e2.1.4, 2.1.7, 2.1.9 |       PasswordPolicyTest        |    Unit Test     |\n\n### V7 Error Handling and Logging\n\n|       Requirements Subsection       |               Requirement(s)                |           Test Class            |    Test Type     |\n|:-----------------------------------:|:-------------------------------------------:|:-------------------------------:|:----------------:|\n|       V2.1 Password Security        | 2.1.1, 2.1.2, 2.1.3\u003cbr/\u003e2.1.4, 2.1.7, 2.1.9 |       PasswordPolicyTest        |    Unit Test     |\n\n### V8 Data Protection\n\n|       Requirements Subsection       |               Requirement(s)                |           Test Class            |    Test Type     |\n|:-----------------------------------:|:-------------------------------------------:|:-------------------------------:|:----------------:|\n|       V2.1 Password Security        | 2.1.1, 2.1.2, 2.1.3\u003cbr/\u003e2.1.4, 2.1.7, 2.1.9 |       PasswordPolicyTest        |    Unit Test     |\n\n### V9 Communication\n\n|       Requirements Subsection       |               Requirement(s)                |           Test Class            |    Test Type     |\n|:-----------------------------------:|:-------------------------------------------:|:-------------------------------:|:----------------:|\n|       V2.1 Password Security        | 2.1.1, 2.1.2, 2.1.3\u003cbr/\u003e2.1.4, 2.1.7, 2.1.9 |       PasswordPolicyTest        |    Unit Test     |\n\n### V10 Malicious Code\n\n|       Requirements Subsection       |               Requirement(s)                |           Test Class            |    Test Type     |\n|:-----------------------------------:|:-------------------------------------------:|:-------------------------------:|:----------------:|\n|       V2.1 Password Security        | 2.1.1, 2.1.2, 2.1.3\u003cbr/\u003e2.1.4, 2.1.7, 2.1.9 |       PasswordPolicyTest        |    Unit Test     |\n\n### V11 Business Logic\n\n|       Requirements Subsection       |               Requirement(s)                |           Test Class            |    Test Type     |\n|:-----------------------------------:|:-------------------------------------------:|:-------------------------------:|:----------------:|\n|       V2.1 Password Security        | 2.1.1, 2.1.2, 2.1.3\u003cbr/\u003e2.1.4, 2.1.7, 2.1.9 |       PasswordPolicyTest        |    Unit Test     |\n\n### V12 Files and Resources\n\n|       Requirements Subsection       |               Requirement(s)                |           Test Class            |    Test Type     |\n|:-----------------------------------:|:-------------------------------------------:|:-------------------------------:|:----------------:|\n|       V2.1 Password Security        | 2.1.1, 2.1.2, 2.1.3\u003cbr/\u003e2.1.4, 2.1.7, 2.1.9 |       PasswordPolicyTest        |    Unit Test     |\n\n### V13 API and Web Service\n\n|       Requirements Subsection       |               Requirement(s)                |           Test Class            |    Test Type     |\n|:-----------------------------------:|:-------------------------------------------:|:-------------------------------:|:----------------:|\n|       V2.1 Password Security        | 2.1.1, 2.1.2, 2.1.3\u003cbr/\u003e2.1.4, 2.1.7, 2.1.9 |       PasswordPolicyTest        |    Unit Test     |\n\n### V14 Configuration\n\n|       Requirements Subsection       |               Requirement(s)                |           Test Class            |    Test Type     |\n|:-----------------------------------:|:-------------------------------------------:|:-------------------------------:|:----------------:|\n|       V2.1 Password Security        | 2.1.1, 2.1.2, 2.1.3\u003cbr/\u003e2.1.4, 2.1.7, 2.1.9 |       PasswordPolicyTest        |    Unit Test     |\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fandifalk%2Fasvs-testing","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fandifalk%2Fasvs-testing","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fandifalk%2Fasvs-testing/lists"}