This is a repo into which I'm dumping things that help with application security. Hopefully organized to some extent. I'll list sources where it makes sense; if you see something that isn't attributed properly that should be, drop me a note or create a pull request.

- Security Principles
- Architecture
- Authentication
- Access Control
- Session Management
- Input and Output
- Tainted Input
- Data Protection
- Cryptographic Communications and Storage
- APIs
- Web Services
- Business Logic
- Configuration
- Error Handling, Logging
- Files and other Resources
- Malicious Code
- Standards
- Resources

See convert.bat to turn this into an editable, formattable document that you can put your name and logo on and claim as your own research, ya leech!