Web development is hard. Secure web development is harder. Running applications on the internet without security incidents is almost impossible. A non-exhaustive list of infrastructure services that you rely on for running any website. The following are references for the talk given at Microsoft Ventures Accellerator on 28th April 2015 References General An illustrated guide to computer security Security News Hackers temporarily take control of Tesla’s website and twitter Fundamentals DNS Resource Records Tools DNS Recon DNS Recon Using DNS Recon tool DirBuster DirBuster Using DirBuster Video Using DirBuster like a pro wfuzz wfuzz wfuzz basics Bruteforcing web applications webslayer a similar tool fuzzdb fuzzdb Using fuzzdb for testing website security Web app URLs default list web app urls pwnwiki cewl cewl - Wordlist generator Concepts Ocean’s 11 Movie Plot Trust OWASP OWASP OWASP Top 10 OWASP Top 10 OWASP Mobile Top 10 OWASP A1 Injection Injection Exploits of a Mom Bobby Tables SQL Injection Command Injection XXE OWASP A3 Cross Site Scripting XSS Apache.