wasser : security   79

Web Developer Security Checklist – Simple Security
Developing secure, robust web applications in the cloud is hard, very hard. If you think it is easy, you are either a higher form of life or you have a painful awakening ahead of you. If you have…
checklist  development  web  webdev  security  programming  via:popular  devops  web_development  deployment 
may 2017 by wasser
Go-SCP · GitBook
go-scp: Go Language Secure Coding Practices
bestpractices  book  security  golang  infosec  development  free  go  important  web 
april 2017 by wasser
Penetration Testing Tools Cheat Sheet
Penetration testing tools cheat sheet, a high level overview / quick reference cheat sheet for penetration testing.
tools  cheatsheet  security  pentest  pentesting  hacking  networks  penetration-testing  testing  via:popular 
june 2016 by wasser
Detecting the use of "curl | bash" server side | Application Security
Another reason not to pipe from curl to bash. Detecting curl | bash serverside.
bash  security  shell  unix  curl  linux  HTTP  interesting  networking  buffers 
april 2016 by wasser
acme-tiny - A tiny script to issue and renew TLS certs from Let's Encrypt
python  ssl  letsencrypt  acme  lets-encrypt  lets_encrypt  security  software  Unread  webdev 
december 2015 by wasser
Node.js Security Checklist | RisingStack
This checklist helps guide you through the must-have security checks before your application is enabled to thousands of users/customers.
checklist  nodejs  security 
october 2015 by wasser
awesome-pentest - A collection of awesome penetration testing resources, tools and other shiny things
obfuscation  security  逆向工程  infosec  penetration  pentest  ref  testing  Unread 
september 2015 by wasser
naxsi - NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX
nginx  security  firewall  injection  naxsi  github  WAF  xss  sql 
september 2015 by wasser
Beginner’s Guide to API(REST) security | what I'm breaking...
API (Application Program Interface) is a framework that makes it easy to build HTTP services that reach a broad range of clients, including browsers and mobile devices. Most websites provide an API so that developers can build applications on top of it, e.g. Facebook Graph API, Twitter API, Dropbox API, GitHub API etc…
http  api  request  https  security 
september 2015 by wasser
drduh/ - Script to manage passwords in an encrypted file using gpg
linux  gpg  management  password  passwords  security  shell 
july 2015 by wasser
Seeing to the Unseen: Performance, Accessibility, & Security in User Experience Design | Wellfire Interactive
Performance, accessibility, and even security all affect the user experience. Each has a significant effect on the perception of your product, especially when bad planning turns into less-than-desirable results.
ux  performance  accessibility  security  tools  reference 
april 2015 by wasser
Enough With the Salts: Updates on Secure Password Schemes - Blog - Matasano Security
I’ve been spending some time recently combing through the old Matasano Blog Catacombs and blowing the dust off years old tomes. It’s been …
security  encryption  passwords  hash  crypto  password  Unread  hashing  matasano  IFTTT 
april 2015 by wasser
cure53/DOMPurify · GitHub
"DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG."
march 2015 by wasser
Contribute to webseclab development by creating an account on GitHub.
security  golang  opensource  programming 
february 2015 by wasser
How To Use Port Knocking to Hide your SSH Daemon from Attackers on Ubuntu | DigitalOcean
Port knocking is a method of protecting your services behind a firewall until connection attempts are made to a specific sequence of ports in a certain amount of time. The firewall rules are then modified to allow access to the service and the user ca
security  ssh  iptables  knocking  portknock  portknocking  ports  sysadmin 
january 2015 by wasser
uBlock - µBlock - An efficient blocker for Chromium-based browsers. Fast and lean.
chrome  extension  privacy  security  adblock  Advertising  ads  tool  ad  ad-block 
december 2014 by wasser
Opt out of global data surveillance programs like PRISM, XKeyscore, and Tempora - PRISM Break - PRISM Break
Opt out of global data surveillance programs like PRISM, XKeyscore and Tempora. Help make mass surveillance of entire populations uneconomical! We all have a right to privacy, which you can exercise today by encrypting your communications and ending your reliance on proprietary services.
freeware  opensource  tools  privacy  security  prism  android  apps  bsd  encryption 
september 2014 by wasser
Passwords are Obsolete — Medium
And they make Heartbleed a thousand times worse
security  twitter  passwords  auth  code  email  fav 
april 2014 by wasser
Detectify - Stay secure - Go hack yourself!
Detectify provides a user friendly and thorough web security scan that allows you to focus 100% on web development.
development  programming  webdesign  security  audit  scanner  webdev  hacking 
april 2014 by wasser