Resources for Application Security
Some good resources for getting started with application security
Web Application Technologies and Development
- Learn web development
- Web technology for developers
- How Browsers Work: Behind the scenes of modern web browsers
- Inside look at modern web browser (part 1)
- Inside look at modern web browser (part 2)
- Inside look at modern web browser (part 3)
- Inside look at modern web browser (part 4)
- Properly Understanding the DOM
- javascript.info
Application Security Books and online resources
- A Beginner’s Guide to Careers in Application Security
- LiveOverflow Web Hacking
- PwnFunction Web Security 101
- Attacking Web Applications
- Defending Web Applications
- Web Application Hacker’s handbook
- CNIT 129S: Securing Web Applications
- CNIT 129S: Securing Web Applications Youtube Playlist
- Mastering Modern Web Penetration Testing
- Hacker101
- Application Security Wiki
- CodePath Web Security Guides
- CS 253 Web Security course
- CS 253 Web Security Youtube Playlist
- Burp Testing Methodologies
- Web Security Academy
- HowToHunt - Tutorials and Things to try while testing particular vulnerability
Hands on CTF & Labs
Securing Applications
Further Reading
- High-Level Approaches for Finding Vulnerabilities
- Deep dive into browser parsing and XSS payload encoding
- OWASP Testing Guide
- Secure Code Wiki
- SEI CERT Coding Standards
- Web Hacking 101
- Writing Secure Code, 2nd Edition
- awesome-web-hacking
- awesome-web-security
- Awesome AppSec
- web-methodology
- CSP useful, a collection of scripts, thoughts about CSP
- websec.fr Solutions
- Code-Breaking Puzzles dockerfiles && writeups
- SPOT THE BUG CHALLENGE 2016 WRITE-UP
- SPOT THE BUG CHALLENGE 2015 WRITE-UP
- PHP Security Calendar 2017
- JAVA Security Calendar 2019
- Wordpress Security Calendar 2018
- Browser Exploitation for Fun and Profit
- The Browser Hacker’s Handbook
- X41’s Browser Security White Paper (alternate link)
- Cure53’s Browser Security White Paper (alternate link)
- LiveOverflow Browser Exploitation
- High-Level Approaches for Finding Vulnerabilities
Bonus
The resources which i have put are those which i am using in my application security learnings, feel free to use it for your learning purpose only and if you have any suggestions dm me on Twitter