- A guide to define security requirements to build secure Web applications.
- Developing an industry standard testing framework for Web application security.
- VulnXML – A standard data exhange format to allow commercial, open source and research tools to communicate and interoperate.
- Web Scarab – An open source enterprise-level Web application scanner.
- Developing a component-based approach to filtering malicious input and output to a Web application.
- Web Maven – An intentionally insecure Internet bank users can download and learn from.
All of the project s software and documentation is released under the GNU GPL, and the project is staffed entirely of volunteers.