
Bring App Security Class content into this repo

Open coreyshuman opened this issue 6 years ago • 7 comments

Add documentation and resources from the application security class.

Topics:

  • [ ] Introduction to Secure Software Development Cycle
  • [ ] SQL Injection
  • [ ] MongoDB Query Injection
  • [x] Cross Site Scripting (XSS)
  • [ ] Cross Site Request Forgery (CSRF)
  • [ ] Session hijacking / session replay
  • [ ] User Data Sanitization
  • [ ] Cross-Origin Resource Sharing (CORS)
  • [ ] Content Security Policy (CSP)
  • [ ] Passwords and Validation
  • [ ] Authorization (tokens, cookies, etc)
  • [ ] Authentication (User roles and permissions)
  • [ ] Cryptography (Encryption, Hashing, etc)
  • [ ] Error Handling
  • [ ] Auditing and Logging
  • [ ] Setting up SSL
  • [ ] Handling Sensitive Data

Tools:

  • [ ] Kali Linux
    • WPScan
    • nmap
  • [ ] Wireshark
  • [ ] Postman
  • [ ] Postico

coreyshuman, Apr 03 '18 03:04