ESAPI (OWASP企业安全应用程序接口)是一个免费、开源的、网页应用程序安全控件库，它使程序员能够更容易写出更低风险的程序。ESAPI接口库被设计来使程序员能够更容易的在现有的程序中引入安全因素。ESAPI库也可以成为作为新程序开发的基础。目前ESAPI更新至ESAPI 2.0GA版，新版主要改变如下：
    Upgrade baseline to use Java5
    Completely redesigned and rewrote Encryptor
    New and Improved Validation and Encoding Methods
    Complete redesign of the ESAPI Locator and ObjectFactory
    More unit tests
    ESAPI Jar is now Signed with an OWASP Code Signing Certificate
    ESAPI Jar is Sealed
    And much, much more
工具下载：https://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API#tab=Downloads