OWASP Dev Guide

Published by Johanna Curiel Curiel

A Quick Developer's Guide to OWASP Projects
Learn how to secure your web applications against the most common web vulnerabilities
I'm new to application security...where should I start?
We strongly recommend looking at some quick guidelines, such as:
OWASP Cheat Sheets to get into the stuff without getting annoyed
Watch the APPSEC tutorial series to get you started
OWASP TOP TEN: the classic guidelines
I want to 'see' vulnerabilities and learn how they happen...
We have some cool 'vulnerable applications' that show you how not to code:
Security Shepherd: Great app for understanding vulnerable web apps, including lessons
WebGoat: OWASP classic Java vulnerable site with lessons; all solutions can be found in YouTube videos
OWASP Bricks: A PHP vulnerable site with lessons
Your website
OK. It's time to secure my site!
If you are looking for specific code libraries to protect your application against some nasty vulnerabilities and attacks, here are some great ones:
AppSensor: Intrusion detection for your site
CSRFGuard: Protect your site against CSRF attacks
OWASP HTML Sanitizer: Written in Java, it lets you include HTML authored by third parties in your web application while protecting against XSS
How can I check for vulnerable libraries in my application?
Keeping up to date with the latest vulnerabilities is not easy, let alone finding them in your dependency libraries. What about a tool that helps you check this automatically?
Dependency-Check is a utility that identifies project dependencies and checks if there are any known, publicly disclosed, vulnerabilities. Currently Java, .NET, and Python dependencies are supported. This tool can be part of a solution to the OWASP Top 10 2013