OWASP OWTF CFP funds contest

As announced at AppSec EU recently. OWASP OWTF has (thank you!):

Instead of taking this to pay myself for working on OWTF in my spare time, I’m giving it away so that others are paid to work on OWTF: There is a contest to apply for this money and you can apply to all or part of it.


  • September 8th – October 15th: Call for OWASP OWTF Proposals
  • October 16th – 21st (might end sooner): Review of proposals by CFP panel
  • October 21st (might be earlier): Public winner(s) announcement

To apply please click here.
NOTE: You can change your proposal as many times as you want until October 15th.
NOTE 2: Each candidate can submit more than one proposal

Contest rules (IMPORTANT: Subject to minor modifications, keep an eye on this):

  • Project payment will be performed upon project completion
  • Contributing to OWASP OWTF in advance of acceptance will award extra points
  • The technical strength of the candidate will award extra points (especially with proof such as a github page)
  • Regarless of your technical strength a decent proposal will award extra points
  • The proposed project must be relevant to the OWASP OWTF mission: “To cover as much from the OWASP Testing Guide and the Penetration Testing Execution Standard as it is feasible”

Need help?


Q: Does the proposal have to fit into the Google Form text box? or can I append a file with the fully-explained proposal?
A: If you can provide a link to a public but not searchable google document or PDF in dropbox or an alternative service, that’s OK. This is probably better since you will be able to add some graphs to explain what you are proposing and the proposal will be easier to understand for reviewers then.

Q: Is it possible to start working in January 2014?
A: Yes, you can specify the start and end dates that suit you best in your proposal, these are mandatory fields in your submission.

Q: Is it necessary to have a CV?
A: Of course not! However, some proof of your skills would be nice (github account, prior involvement in open source projects, doing something for owtf and point to a pull request, whatever)