Want to challenge your AppSec knowledge?

Or just looking to grow your skills?

> ls /var/www/html

learning, security & software engineering

> whoami

OSCE3, OSEP, OSED, OSWE, OSCP, trainer, passionate coder and part-time tinkerer

Get the latest from the AppSec world:

Secure Coding

BASICS

These days I spend most of my time reading other people's code. Everybody makes mistakes and writes bad code.There's no denying it. However, most of the security vulnerabilities I encounter could have been avoided by following some basic Secure Coding best practices.

  • Do not trust input. Validate everything

  • Encode output

  • Session management

  • Cryptographic best practices

  • Database security

  • ...