fix duplicate links reported in build

draft/04-foundations/02-secure-development.md

@@ -148,7 +148,7 @@ There are many OWASP tools and resources to help build security into the SDLC.
 
 #### OWASP training projects
 
-* [API Security Project][api-security] (API Top 10)
+* [API Security Project][apisec] (API Top 10)
 * [Juice Shop][juice]
 * [Mobile Top 10][mobile10]
 * [Security Shepherd][sec-shep]
@@ -174,7 +174,7 @@ The OWASP Developer Guide is a community effort; if there is something that need
 then [submit an issue][issue0402] or [edit on GitHub][edit0402].
 
 [amass]: https://owasp.org/www-project-amass/
-[api-security]: https://owasp.org/www-project-api-security/
+[apisec]: https://owasp.org/API-Security
 [asvs]: https://owasp.org/www-project-application-security-verification-standard/
 [cheatproject]: https://owasp.org/www-project-cheat-sheets/
 [cornucopia]: https://owasp.org/www-project-cornucopia/

draft/04-foundations/05-top-ten.md

@@ -164,7 +164,7 @@ This is a new category introduced in 2021 with a single (for now) [Cheat Sheet][
 There are various 'Top 10' projects created by OWASP that, depending on the context,
 may also be referred to as 'OWASP Top 10'. Here is a list of the stable 'OWASP Top 10' projects:
 
-* [API Security Top 10][api-security]
+* [API Security Top 10][apisec]
 * [Data Security Top 10][data10]
 * [Low-Code/No-Code Top 10][lcnc10]
 * [Mobile Top 10][mobile10]
@@ -201,7 +201,7 @@ then [submit an issue][issue0405] or [edit on GitHub][edit0405].
 [a09cs]: https://cheatsheetseries.owasp.org/IndexTopTen.html#a092021-security-logging-and-monitoring-failures
 [a10]: https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29/
 [a10cs]: https://cheatsheetseries.owasp.org/IndexTopTen.html#a102021-server-side-request-forgery-ssrf
-[api-security]: https://owasp.org/www-project-api-security/
+[apisec]: https://owasp.org/API-Security
 [cicd10]: https://owasp.org/www-project-top-10-ci-cd-security-risks/
 [cwe284]: https://cwe.mitre.org/data/definitions/284.html
 [data10]: https://owasp.org/www-project-data-security-top-10/

draft/06-design/00-toc.md

@@ -75,7 +75,7 @@ The OWASP Developer Guide is a community effort; if there is something that need
 [sammd]: https://owaspsamm.org/model/design/
 [sammdsr]: https://owaspsamm.org/model/design/security-requirements/
 [sammdsa]: https://owaspsamm.org/model/design/security-architecture/
-[sammdta]: https://owaspsamm.org/model/design/threat-assessment
+[sammdta]: https://owaspsamm.org/model/design/threat-assessment/
 [spdcs]: https://cheatsheetseries.owasp.org/cheatsheets/Secure_Product_Design_Cheat_Sheet.html
 
 \newpage

draft/06-design/01-threat-modeling/01-threat-modeling.md

@@ -264,7 +264,7 @@ then [submit an issue][issue060101] or [edit on GitHub][edit060101].
 [eop]: https://shostack.org/games/elevation-of-privilege
 [edit060101]: https://github.com/OWASP/www-project-developer-guide/blob/main/draft/06-design/01-threat-modeling/01-threat-modeling.md
 [issue060101]: https://github.com/OWASP/www-project-developer-guide/issues/new?labels=enhancement&template=request.md&title=Update:%2006-design/01-threat-modeling/01-threat-modeling
-[linddun]: https://www.linddun.org/
+[linddun]: https://linddun.org/
 [nist-cvss]: https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator
 [otm]: https://owasp.org/www-project-threat-model/
 [pasta]: https://versprite.com/blog/what-is-pasta-threat-modeling/

draft/06-design/toc.md

@@ -78,5 +78,5 @@ then [submit an issue][issue0600] or [edit on GitHub][edit0600].
 [sammd]: https://owaspsamm.org/model/design/
 [sammdsr]: https://owaspsamm.org/model/design/security-requirements/
 [sammdsa]: https://owaspsamm.org/model/design/security-architecture/
-[sammdta]: https://owaspsamm.org/model/design/threat-assessment
+[sammdta]: https://owaspsamm.org/model/design/threat-assessment/
 [spdcs]: https://cheatsheetseries.owasp.org/cheatsheets/Secure_Product_Design_Cheat_Sheet.html

draft/07-implementation/03-secure-libraries/01-esapi.md

@@ -59,7 +59,7 @@ The OWASP Developer Guide is a community effort; if there is something that need
 then [submit an issue][issue070301] or [edit on GitHub][edit070301].
 
 [bean]: http://beanvalidation.org/
-[csrfguard]: https://owasp.org/www-project-csrfguard
+[csrfguard]: https://owasp.org/www-project-csrfguard/
 [edit070301]: https://github.com/OWASP/www-project-developer-guide/blob/main/draft/07-implementation/03-secure-libraries/01-esapi.md
 [esapi-docs]: https://www.javadoc.io/doc/org.owasp.esapi/esapi/latest/index.html
 [esapi-java]: https://mvnrepository.com/artifact/org.owasp.esapi/esapi

draft/09-training-education/07-api-top-ten.md

@@ -14,11 +14,11 @@ permalink: /draft/training_education/api_top_ten/
 
 ### 7.7 API Top 10
 
-The OWASP [API Security Project][api-security] (API Top 10) explains strategies and solutions to help the understanding
+The OWASP [API Security Project][apisec] (API Top 10) explains strategies and solutions to help the understanding
 and mitigation of the unique vulnerabilities and security risks of Application Programming Interfaces (APIs).
 
-The [API Top 10][api-security-project] is an OWASP Laboratory Project
-which is accessed as a [web based document][api-security-doc].
+The [API Top 10][apisec-project] is an OWASP Laboratory Project
+which is accessed as a [web based document][apisec-doc].
 
 #### What is the API Top 10?
 
@@ -41,7 +41,7 @@ as well as a documentation portal for best practices when creating or assessing
 #### Why use it?
 
 Most software projects use APIs in some form or another.
-Developers and security engineers should be encouraged to refer to the [API Security Project][api-security]
+Developers and security engineers should be encouraged to refer to the [API Security Top 10][apisec]
 to assist them when acting as security builders, breakers, and defenders for an organization.
 
 ----
@@ -59,9 +59,9 @@ then [submit an issue][issue0907] or [edit on GitHub][edit0907].
 [api08]: https://owasp.org/API-Security/editions/2023/en/0xa8-security-misconfiguration/
 [api09]: https://owasp.org/API-Security/editions/2023/en/0xa9-improper-inventory-management/
 [api10]: https://owasp.org/API-Security/editions/2023/en/0xaa-unsafe-consumption-of-apis/
-[api-security]: https://owasp.org/API-Security
-[api-security-doc]: https://owasp.org/API-Security/editions/2023/en/0x00-header/
-[api-security-project]: https://owasp.org/www-project-api-security/
+[apisec]: https://owasp.org/API-Security
+[apisec-doc]: https://owasp.org/API-Security/editions/2023/en/0x00-header/
+[apisec-project]: https://owasp.org/www-project-api-security/
 [edit0907]: https://github.com/OWASP/www-project-developer-guide/blob/main/draft/09-training-education/07-api-top-ten.md
 [issue0907]: https://github.com/OWASP/www-project-developer-guide/issues/new?labels=content&template=request.md&title=Update:%2009-training-education/07-api-top-ten
 

draft/09-training-education/08-wrongsecrets.md

@@ -50,7 +50,7 @@ You can set WrongSecrets up in standalone or in capture the flag (CTF) mode on D
 
 Set-up guides for the standalone version are available in the [project README][readme].
 
-For the CTF, the project also provides [set-up guides][ctf] and a [Helm chart][helm].
+For the CTF, the project also provides [set-up guides][ctf] and a [Helm chart][wrongsecrets-helm].
 
 ---
 
@@ -59,7 +59,7 @@ then [submit an issue][issue0908] or [edit on GitHub][edit0908].
 
 [ctf]: https://github.com/OWASP/wrongsecrets/blob/master/ctf-instructions.md
 [edit0908]: https://github.com/OWASP/www-project-developer-guide/blob/main/draft/09-training-education/08-wrongsecrets.md
-[helm]: https://owasp.org/wrongsecrets-ctf-party/
+[wrongsecrets-helm]: https://owasp.org/wrongsecrets-ctf-party/
 [heroku]: https://wrongsecrets.herokuapp.com/
 [issue0908]: https://github.com/OWASP/www-project-developer-guide/issues/new?labels=content&template=request.md&title=Update:%2009-training-education/08-wrongsecrets
 [readme]: https://github.com/OWASP/wrongsecrets/blob/master/README.md

draft/10-culture-process/03-samm.md

@@ -77,9 +77,9 @@ then [submit an issue][issue1003] or [edit on GitHub][edit1003].
 [sammd]: https://owaspsamm.org/model/design/
 [sammfun]: https://owaspsamm.thinkific.com/courses/samm
 [sammg]: https://owaspsamm.org/model/governance/
-[sammi]: https://owaspsamm.org/model/implementation
-[sammo]: https://owaspsamm.org/model/operations
-[sammv]: https://owaspsamm.org/model/verification
+[sammi]: https://owaspsamm.org/model/implementation/
+[sammo]: https://owaspsamm.org/model/operations/
+[sammv]: https://owaspsamm.org/model/verification/
 [samm-project]: https://owasp.org/www-project-samm/
 [spotlight09]: https://youtu.be/N0zcZnkH5Wg
 

draft/11-operations/02-coraza.md

@@ -15,7 +15,7 @@ permalink: /draft/operations/coraza_waf/
 ### 9.2 Coraza Web Application Firewall
 
 The [OWASP Coraza][coraza-project] project provides a golang enterprise-grade Web Application Firewall framework
-that supports the [ModSecurity][modsecurity] seclang language
+that supports the [ModSecurity][modsec] seclang language
 and is completely compatible with the OWASP [Core Rule Set][modcrs] (CRS).
 Coraza is in active development as an OWASP Production code project,
 with the first stable version released in September 2021 and several releases since then.
@@ -37,7 +37,7 @@ Coraza can be deployed:
 
 Web Application Firewalls are usually the first line of defense against HTTP attacks on web applications and servers.
 The Coraza WAF is widely used for providing this security, especially for cloud applications,
-along with the original OWASP [ModSecurity][modsecurity] WAF.
+along with the original OWASP [ModSecurity][modsec] WAF.
 
 #### How to use Coraza
 
@@ -65,7 +65,7 @@ then [submit an issue][issue1102] or [edit on GitHub][edit1102].
 [coraza-wasm]: https://github.com/corazawaf/coraza-proxy-wasm
 [edit1102]: https://github.com/OWASP/www-project-developer-guide/blob/main/draft/11-operations/02-coraza.md
 [issue1102]: https://github.com/OWASP/www-project-developer-guide/issues/new?labels=content&template=request.md&title=Update:%2011-operations/02-coraza
-[modcrs]: https://owasp.org/www-project-modsecurity-core-rule-set/
-[modsecurity]: https://owasp.org/www-project-modsecurity/
+[modcrs]: https://coreruleset.org/
+[modsec]: https://owasp.org/www-project-modsecurity/
 
 \newpage

draft/11-operations/03-modsecurity.md

@@ -14,14 +14,14 @@ permalink: /draft/operations/modsecurity_waf/
 
 ### 9.3 ModSecurity Web Application Firewall
 
-[ModSecurity][modsecurity] is an open source Web Application Firewall (WAF) widely deployed on web servers
+[ModSecurity][modsec] is an open source Web Application Firewall (WAF) widely deployed on web servers
 that has been in continuous development and widespread use since 2002.
 
 In 2024 it became an OWASP Production project, supported by the existing leadership and contributors.
 
 #### What is ModSecurity?
 
-In January 2024 the [ModSecurity][modsecurity] Web Application Firewall project was [adopted by OWASP][modsecpress],
+In January 2024 the [ModSecurity][modsec] Web Application Firewall project was [adopted by OWASP][modsec-press],
 previously [TrustWave][trustwave] had been the custodian of this project.
 ModSecurity itself has a long history as an open source project, the first release was in November 2002,
 and is widely used as a web application firewall for cloud and on-premises web servers.
@@ -42,8 +42,8 @@ or deployed within the web server itself, to provide protection against HTTP att
 
 The rules applied to the HTTP traffic are provided as configuration to ModSecurity,
 and these rules allow many different actions to be applied such as blocking traffic, redirecting requests, and many more.
-See the documentation for [deploying and running][modsecdocs] ModSecurity,
-along with the documentation on configuring ModSecurity with the [Core Rule Set][modcrsdocs].
+See the documentation for [deploying and running][modsec-docs] ModSecurity,
+along with the documentation on configuring ModSecurity with the [Core Rule Set][modcrs].
 
 ----
 
@@ -53,11 +53,10 @@ then [submit an issue][issue1103] or [edit on GitHub][edit1103].
 [coraza]: https://coraza.io/
 [edit1103]: https://github.com/OWASP/www-project-developer-guide/blob/main/draft/11-operations/03-modsecurity.md
 [issue1103]: https://github.com/OWASP/www-project-developer-guide/issues/new?labels=content&template=request.md&title=Update:%2011-operations/03-modsecurity
-[modcrs]: https://owasp.org/www-project-modsecurity-core-rule-set/
-[modcrsdocs]: https://coreruleset.org/
-[modsecdocs]: https://www.modsecurity.org/
-[modsecurity]: https://owasp.org/www-project-modsecurity/
-[modsecpress]: https://owasp.org/blog/2024/01/09/ModSecurity.html
+[modcrs]: https://coreruleset.org/
+[modsec]: https://owasp.org/www-project-modsecurity/
+[modsec-docs]: https://www.modsecurity.org/
+[modsec-press]: https://owasp.org/blog/2024/01/09/ModSecurity.html
 [trustwave]: https://www.trustwave.com/
 
 \newpage

draft/11-operations/04-modsecurity-crs.md

@@ -15,12 +15,13 @@ permalink: /draft/operations/modsecurity_core_rule_set/
 ### 9.4 ModSecurity Core Rule Set
 
 The OWASP ModSecurity [Core Rule Set][modcrs-project] (CRS) project is a set of generic attack detection rules
-for use with [ModSecurity][modsecurity] compatible web application firewalls such as [OWASP Coraza][coraza].
-CRS is an OWASP Flagship tool project and can be [downloaded][modcrs-download] for either Apache or IIS/Nginx web servers.
+for use with [ModSecurity][modsec] compatible web application firewalls such as [OWASP Coraza][coraza].
+CRS is an OWASP [Flagship tool project][modcrs-project] and can be [downloaded][modcrs-download]
+for either Apache or IIS/Nginx web servers.
 
 #### What is the Core Rule Set?
 
-The [Core Rule Set][modcrs] (CRS) are attack detection rules for use with [ModSecurity][modsecurity],
+The [Core Rule Set][modcrs] (CRS) are attack detection rules for use with [ModSecurity][modsec],
 [Coraza[coraza] and other ModSecurity compatible web application firewalls.
 The CRS aims to protect web applications from a wide range of attacks with a minimum of false alerts.
 The CRS provides protection against many common attack categories, including those in the OWASP Top Ten.
@@ -35,7 +36,7 @@ for various attacks and malicious traffic is blocked.
 #### How to use it
 
 The use of the Core Rule Set assumes that a ModSecurity, Coraza or compatible WAF has been installed.
-Refer to the [Coraza tutorial][coraza-tutorial] or the [ModSecurity][modsecdocs] on how to do this.
+Refer to the [Coraza tutorial][coraza-tutorial] or the [ModSecurity][modsec-docs] on how to do this.
 
 To get started with CRS refer to the Core Rule Set [installation instructions][modcrs-download].
 
@@ -51,11 +52,11 @@ then [submit an issue][issue1104] or [edit on GitHub][edit1104].
 [coraza-tutorial]: https://coraza.io/docs/tutorials/quick-start/
 [edit1104]: https://github.com/OWASP/www-project-developer-guide/blob/main/draft/11-operations/04-modsecurity-crs.md
 [issue1104]: https://github.com/OWASP/www-project-developer-guide/issues/new?labels=content&template=request.md&title=Update:%2011-operations/04-modsecurity-crs
-[modcrs-project]: https://owasp.org/www-project-modsecurity-core-rule-set/
-[modcrs-download]: https://coreruleset.org/docs/deployment/install/
 [modcrs]: https://coreruleset.org/
-[modsecurity]: https://owasp.org/www-project-modsecurity/
-[modsecdocs]: https://www.modsecurity.org/
+[modcrs-download]: https://coreruleset.org/docs/deployment/install/
+[modcrs-project]: https://owasp.org/www-project-modsecurity-core-rule-set/
+[modsec]: https://owasp.org/www-project-modsecurity/
+[modsec-docs]: https://www.modsecurity.org/
 [spotlight03]: https://youtu.be/88ZMKpiZbRI
 
 \newpage

draft/13-security-gap-analysis/01-guides/01-samm.md

@@ -74,9 +74,9 @@ then [submit an issue][issue130101] or [edit on GitHub][edit130101].
 [samma]: https://owaspsamm.org/assessment/
 [sammd]: https://owaspsamm.org/model/design/
 [sammg]: https://owaspsamm.org/model/governance/
-[sammi]: https://owaspsamm.org/model/implementation
-[sammo]: https://owaspsamm.org/model/operations
-[sammv]: https://owaspsamm.org/model/verification
+[sammi]: https://owaspsamm.org/model/implementation/
+[sammo]: https://owaspsamm.org/model/operations/
+[sammv]: https://owaspsamm.org/model/verification/
 [samm-project]: https://owasp.org/www-project-samm/
 [samwise]: https://github.com/owaspsamm/sammwise
 [sammy]: https://sammy.codific.com/

draft/13-security-gap-analysis/02-blt.md

@@ -49,14 +49,14 @@ and encourage users/reporters to use the [BLT app][bltapp] and chrome [extension
 ----
 
 The OWASP Developer Guide is a community effort; if there is something that needs changing
-then [submit an issue][issue1102] or [edit on GitHub][edit1102].
+then [submit an issue][issue1302] or [edit on GitHub][edit1302].
 
 [blt]: https://owasp.org/www-project-bug-logging-tool/
 [bltchrome]: https://github.com/OWASP/BLT-Extension
 [bltcore]: https://github.com/OWASP/BLT
 [bltapp]: https://github.com/OWASP/BLT-Flutter
 [bltsite]: https://blt.owasp.org/
-[edit1102]: https://github.com/OWASP/www-project-developer-guide/blob/main/draft/13-security-gap-analysis/02-blt.md
-[issue1102]: https://github.com/OWASP/www-project-developer-guide/issues/new?labels=content&template=request.md&title=Update:%2013-security-gap-analysis/02-blt
+[edit1302]: https://github.com/OWASP/www-project-developer-guide/blob/main/draft/13-security-gap-analysis/02-blt.md
+[issue1302]: https://github.com/OWASP/www-project-developer-guide/issues/new?labels=content&template=request.md&title=Update:%2013-security-gap-analysis/02-blt
 
 \newpage