awesome-appsec
CheatSheetSeries
awesome-appsec | CheatSheetSeries | |
---|---|---|
6 | 49 | |
6,098 | 26,553 | |
0.6% | 1.0% | |
0.0 | 9.2 | |
8 months ago | 4 days ago | |
PHP | Python | |
MIT License | Creative Commons Attribution Share Alike 4.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
awesome-appsec
-
Aside from OWASP, are there other relevant certs to get for App Sec?
For resources : https://github.com/paragonie/awesome-appsec
-
Cybersecurity Repositories
AppSec
-
Resources to learn secure coding? App Sec and Web Sec?
Here is a repo of some resources. You are going to need to learn to walk before you run so that at a concrete level you can articulate what secure vs insecure code is and why it matters, then dive into appsec. No disrespect intended but from the way this is written my suggestion would be to focus on computer science foundational concepts as well as spending significant time writing and reading code. This will likely be a several year journey if you are a total beginner but the best time to start is now :)
- Information and learning resources for cryptography newcomers
-
Anyone in AppSec (Application Security)?
Come over to /r/devsecops to get more information about the field. Also, there are lots of good sources, you can get some from my blog, or Awesome AppSec, or Security Prince and other places.
- I'm preparing for the interview and I've curated a list of resources that might be helpful for you also.
CheatSheetSeries
-
Next.js: consequence of AppRouter on your CSP
Cross Site Scripting Prevention Cheat Sheet from OWASP Cheat Sheet Series
-
A guide to Auth & Access Control in web apps 🔐
OWasp cheat sheet on how to do ACL in Web App.
- Ask HN: Best Practices Guides You're Aware Of
-
Advice For Securing Backend Code
I recommend reading OWASP cheat sheets , especially these:
- What are some senior level learning resources you recommend for improving as a backend engineer?
-
OWASP Attacks spreadsheet?
If it's anywhere it's probably in here, https://cheatsheetseries.owasp.org/
- How do you all SECURE your Apps?
-
What is the easiest and most secure way to implement security in a NestJS application?
Im noob but i read somewhere that if u just follow this https://cheatsheetseries.owasp.org/ Your website is secured
-
OWASP Needs to Evolve
Fixed: https://github.com/OWASP/CheatSheetSeries/issues/1089#issuec...
-
When to implement a back end for a web application?
The most helpful "convention" for building a web application is the OWASP CheatSheet Series that focuses on security best practices.
What are some alternatives?
API-Security-Checklist - Checklist of the most important security countermeasures when designing, testing, and releasing your API
WhatWeb - Next generation web scanner
UnSAFE_Bank - Vulnerable Banking Suite
dirsearch - Web path scanner
see awesome-security - A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.
webpack - A bundler for javascript and friends. Packs many modules into a few bundled assets. Code Splitting allows for loading parts of the application on demand. Through "loaders", modules can be CommonJs, AMD, ES6 modules, CSS, Images, JSON, Coffeescript, LESS, ... and your custom stuff.
labs - This is a collection of tutorials for learning how to use Docker with various tools. Contributions welcome.
big-list-of-naughty-strings - The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
SecureCodingDojo - The Secure Coding Dojo is a platform for delivering secure coding knowledge.
docker-socket-proxy - Proxy over your Docker socket to restrict which requests it accepts
Security_Engineer_Interview_Questions - Every Security Engineer Interview Question From Glassdoor.com
django-mfa2 - A Django app that handles MFA, it supports TOTP, U2F, FIDO2 U2F (Webauthn), Email Token and Trusted Devices