1
Training github workshop
https://github.com/sapran/appsec_awareness_training
Enter your email and tells you if your email is being leacked
https://haveibeenpwned.com/
Owas top 10 volnerability
https://www.owasp.org/index.php/Top_10-2017_Top_10
Reward to hackers to found bugs
https://www.bugcrowd.com/bug-bounty-list/
web-dvwa is a docker sample in php which shows volnerabilities
the sample used is
https://hub.docker.com/r/vulnerables/web-dvwa/
docker pull vulnerables/web-dvwa
docker run --rm -it -p 1080:80 vulnerables/web-dvwa
Gives you xss code that you can use in xss
https://xsshunter.com/app
SQL INJECTION
http://sqlmap.org/
List of Payload for different payloads
https://github.com/danielmiessler/SecLists
Cheat sheet
https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
OWASP Zed Attack Proxy (ZAP)
https://www.zaproxy.org/
Sonarqube
https://www.sonarqube.org/
https://hub.docker.com/_/sonarqube/
continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities
MS Threat Modeling Tool
https://www.microsoft.com/en-us/securityengineering/sdl/threatmodeling
can be used to draw your software diagram and shows you the threats
List on known Groups per country
https://attack.mitre.org/
Security Check for http headers
https://securityheaders.com/
Test SSL server certificate
https://www.ssllabs.com/ssltest/
DAST, or Dynamic Application Security Testing
SAST, or Static Application Security Testing
IAST or Interactive Application Security Testing
Burp Suite is a graphical tool for testing Web application security
https://portswigger.net/burp
more functionality than fiddler, to start proxy should set to localhost 8080
Go here and download and install certificate http://localhost:8080/
intercept is to record traffic
https://attack.mitre.org/
List of organization and attacks
check your security headers
https://securityheaders.com/
Posted on 3:03 AM by Softminer and filed under
security
Training github workshop
https://github.com/sapran/appsec_awareness_training
Enter your email and tells you if your email is being leacked
https://haveibeenpwned.com/
Owas top 10 volnerability
https://www.owasp.org/index.php/Top_10-2017_Top_10
Reward to hackers to found bugs
https://www.bugcrowd.com/bug-bounty-list/
web-dvwa is a docker sample in php which shows volnerabilities
the sample used is
https://hub.docker.com/r/vulnerables/web-dvwa/
docker pull vulnerables/web-dvwa
docker run --rm -it -p 1080:80 vulnerables/web-dvwa
Gives you xss code that you can use in xss
https://xsshunter.com/app
SQL INJECTION
http://sqlmap.org/
List of Payload for different payloads
https://github.com/danielmiessler/SecLists
Cheat sheet
https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
OWASP Zed Attack Proxy (ZAP)
https://www.zaproxy.org/
Sonarqube
https://www.sonarqube.org/
https://hub.docker.com/_/sonarqube/
continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities
MS Threat Modeling Tool
https://www.microsoft.com/en-us/securityengineering/sdl/threatmodeling
can be used to draw your software diagram and shows you the threats
List on known Groups per country
https://attack.mitre.org/
Security Check for http headers
https://securityheaders.com/
Test SSL server certificate
https://www.ssllabs.com/ssltest/
DAST, or Dynamic Application Security Testing
SAST, or Static Application Security Testing
IAST or Interactive Application Security Testing
Burp Suite is a graphical tool for testing Web application security
https://portswigger.net/burp
more functionality than fiddler, to start proxy should set to localhost 8080
Go here and download and install certificate http://localhost:8080/
intercept is to record traffic
https://attack.mitre.org/
List of organization and attacks
check your security headers
https://securityheaders.com/
Visual Studio.Net
Great Article
Cyber Security Projects
projects for cse
Networking Security Projects
JavaScript Training in Chennai
JavaScript Training in Chennai
The Angular Training covers a wide range of topics including Components, Angular Directives, Angular Services, Pipes, security fundamentals, Routing, and Angular programmability. The new Angular TRaining will lay the foundation you need to specialise in Single Page Application developer. Angular Training
Post a Comment