Akash Mahajan
A blog about Technology and Life


Building and Running Secure Web and Mobile Apps

Posted on

Web development is hard. Secure web development is harder. Running applications on the internet without security incidents is almost impossible.

A non-exhaustive list of infrastructure services that you rely on for running any website.

The following are references for the talk given at Microsoft Ventures Accellerator on 28th April 2015

References

General

Security News

Fundamentals

Tools

DNS Recon

DirBuster

wfuzz

fuzzdb

Web app URLs default list

cewl

Concepts

OWASP

OWASP Top 10

OWASP A1 Injection

OWASP A3 Cross Site Scripting

OWASP A4 Insecure Direct Object Reference

OWASP A8 Cross Site Request Forgery

Automated, Incremental, Encrypted Backups

Infrastructure as code