9
Posted on 5:12 AM by Softminer and filed under

In this Post I will show how to create Nuget package:





In this video you can see :


In this video you can see:




Nuget Package explorer is used for publish to feed:
https://github.com/NuGetPackageExplorer/NuGetPackageExplorer

Then you can use this Nuget in your Solution:

https://blogs.naxam.net/configure-nuget-package-sources-for-your-project-cd8b96397360

4
Posted on 12:24 PM by Softminer and filed under

Learning 

Practice 

90% of questions are from udemy course. 
examtopics is free for first 100 questions. i you want to have all questions for free you can check here:
1
Posted on 9:53 PM by Softminer and filed under

 usually, when you buy a domain you need to buy anothr smtp provider to send email. gmail business has a packet for 5$ per user. 


If you want to use free email forwarding tool i suggest https://improvmx.com/ 

just set your mx record 

HOST

VALUE

PRIORITY

@mx1.improvmx.com10
@mx2.improvmx.com20


4
Posted on 2:23 AM by Softminer and filed under

Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications


This is very good overview of application gateway


for more details view this video:






11
Posted on 3:03 AM by Softminer and filed under

Training github workshop
https://github.com/sapran/appsec_awareness_training


Enter your email and tells you if your email is being leacked
https://haveibeenpwned.com/


Owas top 10 volnerability
https://www.owasp.org/index.php/Top_10-2017_Top_10


Reward to hackers to found bugs
https://www.bugcrowd.com/bug-bounty-list/

web-dvwa is a docker sample in php which shows volnerabilities
the sample used is
https://hub.docker.com/r/vulnerables/web-dvwa/
docker pull vulnerables/web-dvwa
docker run --rm -it -p 1080:80 vulnerables/web-dvwa



















Gives you xss code that you can use in xss
https://xsshunter.com/app

SQL INJECTION
http://sqlmap.org/


List of Payload for different payloads
https://github.com/danielmiessler/SecLists


Cheat sheet
https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet


OWASP Zed Attack Proxy (ZAP)
https://www.zaproxy.org/


Sonarqube
https://www.sonarqube.org/
https://hub.docker.com/_/sonarqube/
continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities


MS Threat Modeling Tool
https://www.microsoft.com/en-us/securityengineering/sdl/threatmodeling
can be used to draw your software diagram and shows you the threats


















List on known Groups per country
https://attack.mitre.org/


Security Check for http headers
https://securityheaders.com/


Test SSL server certificate
https://www.ssllabs.com/ssltest/


DAST, or Dynamic Application Security Testing
SAST, or Static Application Security Testing
IAST or Interactive Application Security Testing


Burp Suite is a graphical tool for testing Web application security
https://portswigger.net/burp

more functionality than fiddler, to start proxy should set to localhost 8080
Go here and download and install certificate http://localhost:8080/
intercept is to record traffic

https://attack.mitre.org/
List of organization and attacks

check your security headers

https://securityheaders.com/

1
Posted on 8:24 AM by Softminer and filed under ,

- Hands on Labs on build real Mobile Application and Backend services based on Azure. We will follow the diagram below in the deployment:



- App Services
- Functions & Logic Apps
- Application Insights – to monitor application that are in production
- Containers – simplify application deployments
- API Management
- SQL Databases
- Mobile DevOps & Xamarin

Also, here (https://github.com/MikeCodesDotNet/Mobile-Cloud-Workshop/tree/master/Walkthrough%20Guide/00_Setup) you will find the prerequisites for the workshop.
1
Posted on 7:25 AM by Softminer and filed under ,

https://docs.microsoft.com/en-us/aspnet/core/tutorials/getting-started-with-swashbuckle?view=aspnetcore-2.2&tabs=visual-studio

https://github.com/RicoSuter/NSwag/wiki/NSwagStudio
https://docs.microsoft.com/en-us/aspnet/core/tutorials/getting-started-with-nswag?view=aspnetcore-2.2&tabs=visual-studio