Secure Coding Handbook

Last updated 3 years ago


Welcome to the Secure Coding Handbook! Here, you will find everything that I have found on secure coding: best practices, analysis, and, of course, patching of code-related vulnerabilities. All of the enumerated attacks and defensive techniques are strictly related to web applications (for now :) ).

Handbook structure:

  • Resources
  • Client side
  • Server Side
  • API
  • Auxiliary
  • Solidity

Spotted a bug?

Making mistakes is human nature, fortunately. Please note that I am by no means an expert, and should you find something that is totally erroneous or deviates from the subject, please create an issue here.

Want to contribute?

Sure thing! Message me on Twitter @VladToie, or simply write a pull request in the Secure-Coding-Handbook repository.

You can also buy me a Pizza so I don't have to cook it myself and can write more guides in that time =D