Posted on 3:03 AM by Softminer and filed under

GitHub training workshop
https://github.com/sapran/appsec_awareness_training


Enter your email address and it tells you whether your email has been leaked
https://haveibeenpwned.com/


OWASP Top 10 vulnerabilities
https://www.owasp.org/index.php/Top_10-2017_Top_10


Rewards to hackers for finding bugs
https://www.bugcrowd.com/bug-bounty-list/

web-dvwa is a Docker sample in PHP which demonstrates vulnerabilities
The sample used is
https://hub.docker.com/r/vulnerables/web-dvwa/
docker pull vulnerables/web-dvwa
docker run --rm -it -p 1080:80 vulnerables/web-dvwa



















Gives you XSS code that you can use for XSS testing
https://xsshunter.com/app

SQL INJECTION
http://sqlmap.org/


Lists of payloads of different types
https://github.com/danielmiessler/SecLists


Cheat sheet
https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet


OWASP Zed Attack Proxy (ZAP)
https://www.zaproxy.org/


SonarQube
https://www.sonarqube.org/
https://hub.docker.com/_/sonarqube/
Continuous inspection of code quality: performs automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities


MS Threat Modeling Tool
https://www.microsoft.com/en-us/securityengineering/sdl/threatmodeling
Can be used to draw your software diagram; it then shows you the threats


















List of known groups per country
https://attack.mitre.org/


Security Check for http headers
https://securityheaders.com/


Test SSL server certificate
https://www.ssllabs.com/ssltest/


DAST, or Dynamic Application Security Testing
SAST, or Static Application Security Testing
IAST, or Interactive Application Security Testing


Burp Suite is a graphical tool for testing Web application security
https://portswigger.net/burp

It has more functionality than Fiddler. To start, the proxy should be set to localhost:8080
Then go to http://localhost:8080/ and download and install the certificate
Intercept is for recording traffic

https://attack.mitre.org/
List of organizations and attacks
