References for Building and Running Secure Web and Mobile Applications

Web development is hard. Secure web development is harder. Running applications on the internet without security incidents is almost impossible.

A non-exhaustive list of infrastructure services that you rely on for running any website.

The following are references for the talk given at Microsoft Ventures Accelerator on 28th April 2015.

References

General

Security News

Fundamentals

Tools

DNS Recon

DirBuster

wfuzz

fuzzdb

Web app URLs default list

cewl

Concepts

OWASP

OWASP Top 10

OWASP A1 Injection

OWASP A3 Cross Site Scripting

OWASP A4 Insecure Direct Object Reference

OWASP A8 Cross Site Request Forgery

Automated, Incremental, Encrypted Backups

Infrastructure as code

About Akash Mahajan
That Web Application Security Guy long time ago. Co-Founder @AppseccoUK | Community Manager @null0x00 | Author - Burp Suite Essentials, Security Automation with Ansible 2. Writing about application security, being part of communities like null, OWASP and other technically inclined topics. Sometimes about my company and books.