Developing Secure Java Code – Best Practices for a Team
This whitepaper introduces the basic practices to follow when writing secure Java code. It covers the following topics: general coding practices, input validation, output encoding, authentication and password management, session management, access control, cryptographic practices, and error handling and logging. You will also learn how to prevent code injection through real-world examples.
Prateek Gianchandani
Prateek Gianchandani, a recent IIT graduate, has interests in the field of Penetration Testing, Web Application Security and Intrusion Detection. He is currently a researcher for InfoSec Institute. In the past he has worked for security-based startups. You can contact him at prateek.searchingeye@gmail.com and on Twitter at @prateekg147, or you can visit his personal website at highaltitudehacks.com.