Secure Programming HOWTO
This is the main web site for the free book, the Secure Programming HOWTO, providing design and implementation guidelines for writing secure programs in languages like C, C++, Java, Perl, Python, and Ada95. It includes guidance for application programs, web applications, network servers, and setuid/setgid programs. The book is distributed in multiple formats including Multipage HTML, Single long HTML, and PDF.
FEATURES
ALTERNATIVES
BunkerWeb is a next-generation and open-source Web Application Firewall (WAF) with seamless integration and user-friendly customization options.
A vulnerable by design infrastructure on Azure featuring the latest released OWASP Top 10 web application security risks (2021) and other misconfigurations.
A technology lookup and lead generation tool that identifies the technology stack of any website and provides features for market research, competitor analysis, and data enrichment.
A tool for identifying potential security vulnerabilities in web applications
A lightweight web security auditing toolkit that simplifies security tasks and enhances productivity.
A web application firewall and API security platform that combines API discovery, runtime protection, vulnerability testing, and security posture management.
A Burp extension for scanning JavaScript files for endpoint links
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.