OWASP TimeGap Theory

Learn TOCTOU security issues in web-apps by solving CTF challenges


Find and Exploit TOCTOU issues

Did they tell you that TOCTOU issues just happens to money transfer pages? They are wrong. It can happen to many scenarios. Let's learn some of them. Let's learn where to find them, how to find them, and how to exploit them. For fun and profit!


Enlighten people around you

Were you looking for a platform and tools to teach people around you about TOCTOU issues? OWASP TimeGap Theory is the best for that.


Safeguard your apps

Do you want the power to look at an app, user flow, or app design and be able to tell if the scenario has room for TOCTOU issues? It's a lovely power to have while sitting in a threat-modeling session, and we can help you achieve it.

TimeGap Theory in action.

A quick glimpse before you dive in

Home page of TimeGap Theory

The ultimate root page or landing page of OWASP TimeGap Theory.

See it now!