SecuringTheStack / tutorials

Licence: other
Additional Resources For Securing The Stack Tutorials

TL;DR

  • Securing The Stack (StS) provides developers with concise information security tutorials
  • Go to Securing The Stack and watch a tutorial :)

Securing The Stack (StS) Core Values

Developer-Focused

  • StS provides developers with information security tutorials
  • Tutorials are aimed at developers who have beginning/intermediate security knowledge

Learning-By-Doing

  • Most tutorials provide a local environment for developers to practice what they’ve learned
  • Every example is based on real-world threats

Concise

  • Most tutorials are less than 15 minutes
  • If desired, a developer can go more in-depth via a tutorial’s Additional Resources section
    • E.g., TUTORIAL_NAME/readme.md#additional-resources

Frequent

  • Multiple releases per month
    • Starting Jan 2018

Multi-Disciplinary

  • While coding examples are written in JavaScript, most tutorials will link to additional resources for developers who want to explore the topic in other languages
    • This can be found at TUTORIAL_NAME/readme.md#additional-resources
    • Where possible, additional resources will be available for: Python, Java, Ruby, PHP, JavaScript

Intuitive

  • Each tutorial contains a Knowledge Dependency Tree that allows a developer to quickly identify gaps in knowledge
    • This is essentially a granular prerequisite list (but even better) :)
    • This can be found at TUTORIAL_NAME/readme.md#knowledge-dependency-tree

Environment Setup/Navigation

  1. Download docker
    1. NOTE: If you’re on Windows, please set up your environment to support Linux-based containers
  2. git clone [email protected]:SecuringTheStack/tutorials.git
  3. cd tutorials
  4. cd into a tutorial’s directory
    • Each coding example should contain the directory within the comments
    • Ex: // File: ep9-injection-fundamentals-part-1/src/1/app.js
      • So we would cd ep9-injection-fundamentals-part-1
  5. Bootstrap the example
    • Run the shell command that you see in the slides
    • Ex: EX_NUM=1 docker-compose up
    • Whenever you change the File (from step 4), the container will automatically refresh

Errors

  • To easily see if an error has been previously reported
    1. Find the tutorial’s directory within this repo
    2. Review the readme.md’s Error Log section

Error is NOT related to a tutorial’s code/configs

  1. Find the tutorial’s directory within this repo
  2. Review readme.md and find the slide with the error
  3. Add a FIXED-ERROR bullet under the problematic text
    • As a sub-bullet of FIXED-ERROR, explain the correction

Error IS related to a tutorial’s code/configs

  1. Find the tutorial’s directory within this repo
  2. Find the erroneous file
  3. Submit a PR with the fix
    1. Make a comment above your fix with a brief description of the change
    2. Prepend FIXED-ERROR to this comment
  4. Do a global search to find other areas that might have this error

Additional Help

  • Feel free to open an issue

TOS

Limit of Liability/Disclaimer of Warranty: The information in this site is distributed on an “As Is” basis, without warranty. While every precaution has been taken in the preparation of this work, the author shall NOT have any liability to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by the information contained in it.
