Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
public:research:secprog:secureprogramming [2015-02-14 20:19] – [Fuzzing] petrspublic:research:secprog:secureprogramming [2016-12-01 13:28] (current) – external edit 127.0.0.1
Line 2: Line 2:
  
   * 19 deadly sins of software programming (Howard), examples, list of reasonably fresh real examples: http://www.math.uaa.alaska.edu/~afkjm/cs470/handouts/SecuritySins.pdf   * 19 deadly sins of software programming (Howard), examples, list of reasonably fresh real examples: http://www.math.uaa.alaska.edu/~afkjm/cs470/handouts/SecuritySins.pdf
 +  * Mozilla secure coding guidelines: https://developer.mozilla.org/en-US/docs/Secure_Development_Guidelines
 +
  
 ===== Security programming courses ===== ===== Security programming courses =====
Line 84: Line 86:
       * ERROR: Error, could not load platform assembly 'Peach.Core.OS.Windows.dll' The assembly is part of the Internet Security Zone and loading has been blocked.       * ERROR: Error, could not load platform assembly 'Peach.Core.OS.Windows.dll' The assembly is part of the Internet Security Zone and loading has been blocked.
       * Solution: https://forums.peachfuzzer.com/showthread.php?198-Could-not-load-platform-assembly-Peach-Core-OS-Windows-dll       * Solution: https://forums.peachfuzzer.com/showthread.php?198-Could-not-load-platform-assembly-Peach-Core-OS-Windows-dll
 +    * ERROR: Could not start monitor "WindowsDebugger" Could not find a part of the path 'C
 +:\Program Files\Debugging Tools for Windows (x86)\dbgeng.dll'.
 +      * set proper path to WinDbg (e.g., c:\Program Files (x86)\Debugging Tools for Windows\) in peach pit file
 +      * <Param name="WinDbgPath" value="c:\Program Files (x86)\Debugging Tools for Windows\" />
 +
  
  
Line 163: Line 170:
     * covers all the common vulnerabilities found in iOS applications (following OWASP top 10 mobile risks) and contains several challenges that the user can try     * covers all the common vulnerabilities found in iOS applications (following OWASP top 10 mobile risks) and contains several challenges that the user can try
   * [2011] Hackademic Challenges https://www.owasp.org/index.php/OWASP_Hackademic_Challenges_Project   * [2011] Hackademic Challenges https://www.owasp.org/index.php/OWASP_Hackademic_Challenges_Project
-    * vulnerable app, challenges+    * vulnerable app, challenges: https://github.com/Hackademic/hackademic/
     * TRY     * TRY
   * [2013] OWASP Security Shepherd https://www.owasp.org/index.php/OWASP_Security_Shepherd   * [2013] OWASP Security Shepherd https://www.owasp.org/index.php/OWASP_Security_Shepherd
-    * TRY+    * TRY: https://github.com/OWASP/SecurityShepherd
     * security teaching application, CTF     * security teaching application, CTF
 +  * [2015] Samurai Web Testing Framework http://samurai.inguardians.com/
 +    * preinstalled Mutillidae,  
  
 ==== Security-supporting library ==== ==== Security-supporting library ====
Line 180: Line 189:
   * [2014] JSON Sanitizer Project https://www.owasp.org/index.php/OWASP_JSON_Sanitizer    * [2014] JSON Sanitizer Project https://www.owasp.org/index.php/OWASP_JSON_Sanitizer 
     * Given JSON-like content, convert it to valid JSON. Java library     * Given JSON-like content, convert it to valid JSON. Java library
 +  * [2015] Several Java web applications and command line applications covering different security topics: https://github.com/dschadow/JavaSecurity