jaeswift-website/api/data/awesomelist/paragonie--awesome-appsec.json


			
				
				
					
						
						
						
							
							
							{"slug": "paragonie--awesome-appsec", "title": "Awesome Appsec", "description": "A curated list of resources for learning about application security", "github_url": "https://github.com/paragonie/awesome-appsec", "stars": "6.4K", "tag": "Miscellaneous", "entry_count": 14, "subcategory_count": 88, "subcategories": [{"name": "General", "parent": "", "entries": [{"name": "General", "url": "#general", "description": ""}, {"name": "AWS Lambda", "url": "#aws-lambda", "description": ""}, {"name": "Android", "url": "#android", "description": ""}, {"name": "C", "url": "#c", "description": ""}, {"name": "C++", "url": "#c-1", "description": ""}, {"name": "C Sharp", "url": "#c-sharp", "description": ""}, {"name": "Clojure", "url": "#clojure", "description": ""}, {"name": "Go", "url": "#go", "description": ""}, {"name": "Java", "url": "#java", "description": ""}, {"name": "Node.js", "url": "#node-js", "description": ""}, {"name": "PHP", "url": "#php", "description": ""}, {"name": "Perl", "url": "#perl", "description": ""}, {"name": "Python", "url": "#python", "description": ""}, {"name": "Ruby", "url": "#ruby", "description": ""}]}, {"name": "[How to Safely Generate a Random Number](http://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/) (2014)", "parent": "Articles", "entries": []}, {"name": "[Salted Password Hashing - Doing it Right](https://crackstation.net/hashing-security.htm) (2014)", "parent": "Articles", "entries": []}, {"name": "[A good idea with bad usage: /dev/urandom](http://insanecoding.blogspot.co.uk/2014/05/a-good-idea-with-bad-usage-devurandom.html) (2014)", "parent": "Articles", "entries": []}, {"name": "[Why Invest in Application Security?](https://paragonie.com/white-paper/2015-why-invest-application-security) (2015)", "parent": "Articles", "entries": []}, {"name": "[Be wary of one-time pads and other crypto unicorns](https://freedom-to-tinker.com/blog/jbonneau/be-wary-of-one-time-pads-and-other-crypto-unicorns/) (2015)", "parent": "Articles", "entries": []}, {"name": "![nonfree](https://github.com/paragonie/awesome-appsec/raw/master/img/nonfree.png) [Web Application Hacker's Handbook](http://mdsec.net/wahh) (2011)", "parent": "Books", "entries": []}, {"name": "![nonfree](https://github.com/paragonie/awesome-appsec/raw/master/img/nonfree.png) [Cryptography Engineering](http://www.amazon.com/Cryptography-Engineering-Principles-Practical-Applications/dp/0470474246) (2010)", "parent": "Books", "entries": []}, {"name": "![nonfree](https://github.com/paragonie/awesome-appsec/raw/master/img/nonfree.png) [Securing DevOps](https://www.manning.com/books/securing-devops?a_aid=securingdevops\\&a_bid=1353bcd8) (2018)", "parent": "Books", "entries": []}, {"name": "![nonfree](https://github.com/paragonie/awesome-appsec/raw/master/img/nonfree.png) [Gray Hat Python: Programming for Hackers and Reverse Engineers](http://www.amazon.com/Gray-Hat-Python-Programming-Engineers/dp/1593271921) (2009)", "parent": "Books", "entries": []}, {"name": "![nonfree](https://github.com/paragonie/awesome-appsec/raw/master/img/nonfree.png) [The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities](http://www.amazon.com/The-Software-Security-Assessment-Vulnerabilities/dp/0321444426/) (2006)", "parent": "Books", "entries": []}, {"name": "![nonfree](https://github.com/paragonie/awesome-appsec/raw/master/img/nonfree.png) [C Interfaces and Implementations: Techniques for Creating Reusable Software](http://www.amazon.com/Interfaces-Implementations-Techniques-Creating-Reusable/dp/0201498413/) (1996)", "parent": "Books", "entries": []}, {"name": "![nonfree](https://github.com/paragonie/awesome-appsec/raw/master/img/nonfree.png) [Reversing: Secrets of Reverse Engineering](http://www.amazon.com/Reversing-Secrets-Engineering-Eldad-Eilam/dp/0764574817) (2005)", "parent": "Books", "entries": []}, {"name": "![nonfree](https://github.com/paragonie/awesome-appsec/raw/master/img/nonfree.png) [JavaScript: The Good parts](http://www.amazon.com/JavaScript-Good-Parts-Douglas-Crockford/dp/0596517742) (2008)", "parent": "Books", "entries": []}, {"name": "![nonfree](https://github.com/paragonie/awesome-appsec/raw/master/img/nonfree.png) [Windows Internals: Including Windows Server 2008 and Windows Vista, Fifth Edition ](http://www.amazon.com/Windows%C2%AE-Internals-Including-Developer-Reference/dp/0735625301) (2007)", "parent": "Books", "entries": []}, {"name": "![nonfree](https://github.com/paragonie/awesome-appsec/raw/master/img/nonfree.png) [The Mac Hacker's Handbook](http://www.amazon.com/The-Hackers-Handbook-Charlie-Miller/dp/0470395362) (2009)", "parent": "Books", "entries": []}, {"name": "![nonfree](https://github.com/paragonie/awesome-appsec/raw/master/img/nonfree.png) [The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler](http://www.amazon.com/The-IDA-Pro-Book-Disassembler/dp/1593271786) (2008)", "parent": "Books", "entries": []}, {"name": "![nonfree](https://github.com/paragonie/awesome-appsec/raw/master/img/nonfree.png) [Internetworking with TCP/IP Vol. II: ANSI C Version: Design, Implementation, and Internals (3rd Edition)](http://www.amazon.com/Internetworking-TCP-Vol-Implementation-Internals/dp/0139738436) (1998)", "parent": "Books", "entries": []}, {"name": "![nonfree](https://github.com/paragonie/awesome-appsec/raw/master/img/nonfree.png) [Network Algorithmics,: An Interdisciplinary Approach to Designing Fast Networked Devices](http://www.amazon.com/Network-Algorithmics-Interdisciplinary-Designing-Networking/dp/0120884771) (2004)", "parent": "Books", "entries": []}, {"name": "![nonfree](https://github.com/paragonie/awesome-appsec/raw/master/img/nonfree.png) [Computation Structures (MIT Electrical Engineering and Computer Science)](http://www.amazon.com/Computation-Structures-Electrical-Engineering-Computer/dp/0262231395) (1989)", "parent": "Books", "entries": []}, {"name": "![nonfree](https://github.com/paragonie/awesome-appsec/raw/master/img/nonfree.png) [Surreptitious Software: Obfuscation, Watermarking, and Tamperproofing for Software Protection](http://www.amazon.com/Surreptitious-Software-Obfuscation-Watermarking-Tamperproofing/dp/0321549252) (2009)", "parent": "Books", "entries": []}, {"name": "[Secure Programming HOWTO](http://www.dwheeler.com/secure-programs/) (2015)", "parent": "Books", "entries": []}, {"name": "[Security Engineering - Third Edition](https://www.cl.cam.ac.uk/~rja14/book.html) (2020)", "parent": "Books", "entries": []}, {"name": "![nonfree](https://github.com/paragonie/awesome-appsec/raw/master/img/nonfree.png) [Bulletproof SSL and TLS](https://www.feistyduck.com/books/bulletproof-ssl-and-tls/) (2014)", "parent": "Books", "entries": []}, {"name": "[Holistic Info-Sec for Web Developers (Fascicle 0)](https://leanpub.com/holistic-infosec-for-web-developers) (2016)", "parent": "Books", "entries": []}, {"name": "[Holistic Info-Sec for Web Developers (Fascicle 1)](https://leanpub.com/holistic-infosec-for-web-developers-fascicle1-vps-network-cloud-webapplications)", "parent": "Books", "entries": []}, {"name": "[Offensive Computer Security (CIS 4930) FSU](https://www.cs.fsu.edu/~redwood/OffensiveComputerSecurity/)", "parent": "Classes", "entries": []}, {"name": "[Hack Night (⭐1.2k)](https://github.com/isislab/Hack-Night)", "parent": "Classes", "entries": []}, {"name": "[Hack This Site!](http://www.hackthissite.org)", "parent": "Websites", "entries": []}, {"name": "[Enigma Group](http://www.enigmagroup.org)", "parent": "Websites", "entries": []}, {"name": "[Web App Sec Quiz](https://timoh6.github.io/WebAppSecQuiz/)", "parent": "Websites", "entries": []}, {"name": "[SecurePasswords.info](https://securepasswords.info)", "parent": "Websites", "entries": []}, {"name": "[Security News Feeds Cheat-Sheet](http://lzone.de/cheat-sheet/Security-News-Feeds)", "parent": "Websites", "entries": []}, {"name": "[Open Security Training](http://opensecuritytraining.info/)", "parent": "Websites", "entries": []}, {"name": "[MicroCorruption](https://microcorruption.com/login)", "parent": "Websites", "entries": []}, {"name": "[The Matasano Crypto Challenges](http://cryptopals.com)", "parent": "Websites", "entries": []}, {"name": "[PentesterLab](https://pentesterlab.com)", "parent": "Websites", "entries": []}, {"name": "[Juice Shop](https://bkimminich.github.io/juice-shop)", "parent": "Websites", "entries": []}, {"name": "[Supercar Showdown](http://hackyourselffirst.troyhunt.com/)", "parent": "Websites", "entries": []}, {"name": "[OWASP NodeGoat (⭐1.9k)](https://github.com/owasp/nodegoat)", "parent": "Websites", "entries": []}, {"name": "[Securing The Stack](https://securingthestack.com)", "parent": "Websites", "entries": []}, {"name": "[OWASP ServerlessGoat](https://www.owasp.org/index.php/OWASP_Serverless_Goat)", "parent": "Websites", "entries": []}, {"name": "[SecDim](https://secdim.com)", "parent": "Websites", "entries": []}, {"name": "Blogs", "parent": "Websites", "entries": []}, {"name": "Wiki pages", "parent": "Websites", "entries": []}, {"name": "Tools", "parent": "Websites", "entries": []}, {"name": "[PureSec FunctionShield](https://www.puresec.io/function-shield)", "parent": "Tools", "entries": []}, {"name": "[SEI CERT Android Secure Coding Standard](https://www.securecoding.cert.org/confluence/display/android/Android+Secure+Coding+Standard) (2015)", "parent": "Books and ebooks", "entries": []}, {"name": "[SEI CERT C Coding Standard](https://www.securecoding.cert.org/confluence/display/c/SEI+CERT+C+Coding+Standard) (2006)", "parent": "Books and ebooks", "entries": []}, {"name": "[Defensive Coding: A Guide to Improving Software Security by the Fedora Security Team](https://docs.fedoraproject.org/en-US/Fedora_Security_Team/1/html/Defensive_Coding/index.html) (2025)", "parent": "Books and ebooks", "entries": []}, {"name": "[SEI CERT C++ Coding Standard](https://www.securecoding.cert.org/confluence/pages/viewpage.action?pageId=637) (2006)", "parent": "Books and ebooks", "entries": []}, {"name": "![nonfree](https://github.com/paragonie/awesome-appsec/raw/master/img/nonfree.png) [Security Driven .NET](http://securitydriven.net/) (2015)", "parent": "Books and ebooks", "entries": []}, {"name": "[Clojure OWASP (⭐33)](https://github.com/nubank/clj-owasp) (2020)", "parent": "Repositories", "entries": []}, {"name": "[Memory Security in Go - spacetime.dev](https://spacetime.dev/memory-security-go) (2017)", "parent": "Articles", "entries": []}, {"name": "[SEI CERT Java Coding Standard](https://www.securecoding.cert.org/confluence/display/java/SEI+CERT+Oracle+Coding+Standard+for+Java) (2007)", "parent": "Books and ebooks", "entries": []}, {"name": "[Secure Coding Guidelines for Java SE](http://www.oracle.com/technetwork/java/seccodeguide-139067.html) (2014)", "parent": "Books and ebooks", "entries": []}, {"name": "[Node.js Security Checklist - Rising Stack Blog](https://blog.risingstack.com/node-js-security-checklist/) (2015)", "parent": "Articles", "entries": []}, {"name": "[Awesome Electron.js hacking & pentesting resources (⭐602)](https://github.com/doyensec/awesome-electronjs-hacking) (2020)", "parent": "Articles", "entries": []}, {"name": "![nonfree](https://github.com/paragonie/awesome-appsec/raw/master/img/nonfree.png) [Essential Node.js Security](https://leanpub.com/nodejssecurity) (2017)", "parent": "Books and ebooks", "entries": []}, {"name": "![nonfree](https://github.com/paragonie/awesome-appsec/raw/master/img/nonfree.png) [Security Training by ^Lift Security](https://liftsecurity.io/training)", "parent": "Training", "entries": []}, {"name": "![nonfree](https://github.com/paragonie/awesome-appsec/raw/master/img/nonfree.png) [Security Training from BinaryMist](https://blog.binarymist.net/presentations-publications/)", "parent": "Training", "entries": []}, {"name": "[It's All About Time](http://blog.ircmaxell.com/2014/11/its-all-about-time.html) (2014)", "parent": "Articles", "entries": []}, {"name": "[Secure Authentication in PHP with Long-Term Persistence](https://paragonie.com/blog/2015/04/secure-authentication-php-with-long-term-persistence) (2015)", "parent": "Articles", "entries": []}, {"name": "[20 Point List For Preventing Cross-Site Scripting In PHP](http://blog.astrumfutura.com/2013/04/20-point-list-for-preventing-cross-site-scripting-in-php) (2013)", "parent": "Articles", "entries": []}, {"name": "[25 PHP Security Best Practices For Sys Admins](http://www.cyberciti.biz/tips/php-security-best-practices-tutorial.html) (2011)", "parent": "Articles", "entries": []}, {"name": "[PHP data encryption primer](https://timoh6.github.io/2014/06/16/PHP-data-encryption-cheatsheet.html) (2014)", "parent": "Articles", "entries": []}, {"name": "[Preventing SQL Injection in PHP Applications - the Easy and Definitive Guide](https://paragonie.com/blog/2015/05/preventing-sql-injection-in-php-applications-easy-and-definitive-guide) (2014)", "parent": "Articles", "entries": []}, {"name": "[You Wouldn't Base64 a Password - Cryptography Decoded](https://paragonie.com/blog/2015/08/you-wouldnt-base64-a-password-cryptography-decoded) (2015)", "parent": "Articles", "entries": []}, {"name": "[A Guide to Secure Data Encryption in PHP Applications](https://paragonie.com/white-paper/2015-secure-php-data-encryption) (2015)", "parent": "Articles", "entries": []}, {"name": "[The 2018 Guide to Building Secure PHP Software](https://paragonie.com/blog/2017/12/2018-guide-building-secure-php-software) (2017)", "parent": "Articles", "entries": []}, {"name": "![nonfree](https://github.com/paragonie/awesome-appsec/raw/master/img/nonfree.png) [Securing PHP: Core Concepts](https://leanpub.com/securingphp-coreconcepts)", "parent": "Books and ebooks", "entries": []}, {"name": "[Using Libsodium in PHP Projects](https://paragonie.com/book/pecl-libsodium)", "parent": "Books and ebooks", "entries": []}, {"name": "[defuse/php-encryption (⭐3.8k)](https://github.com/defuse/php-encryption)", "parent": "Useful libraries", "entries": []}, {"name": "[ircmaxell/password\\_compat (⭐2.1k)](https://github.com/ircmaxell/password_compat)", "parent": "Useful libraries", "entries": []}, {"name": "[ircmaxell/RandomLib (⭐843)](https://github.com/ircmaxell/RandomLib)", "parent": "Useful libraries", "entries": []}, {"name": "[thephpleague/oauth2-server (⭐6.6k)](https://github.com/thephpleague/oauth2-server)", "parent": "Useful libraries", "entries": []}, {"name": "[paragonie/random\\_compat (⭐8.2k)](https://github.com/paragonie/random_compat)", "parent": "Useful libraries", "entries": []}, {"name": "[psecio/gatekeeper (⭐365)](https://github.com/psecio/gatekeeper)", "parent": "Useful libraries", "entries": []}, {"name": "[openwall/phpass](http://www.openwall.com/phpass/)", "parent": "Useful libraries", "entries": []}, {"name": "[websec.io](http://websec.io)", "parent": "Websites", "entries": []}, {"name": "Blogs", "parent": "Websites", "entries": []}, {"name": "Mailing lists", "parent": "Websites", "entries": []}, {"name": "[SEI CERT Perl Coding Standard](https://www.securecoding.cert.org/confluence/display/perl/SEI+CERT+Perl+Coding+Standard) (2011)", "parent": "Books and ebooks", "entries": []}, {"name": "[Python chapter of Fedora Defensive Coding Guide](https://docs.fedoraproject.org/en-US/defensive-coding/programming-languages/Python/)", "parent": "Books and ebooks", "entries": []}, {"name": "![nonfree](https://github.com/paragonie/awesome-appsec/raw/master/img/nonfree.png) [Black Hat Python: Python Programming for Hackers and Pentesters](https://www.nostarch.com/blackhatpython)", "parent": "Books and ebooks", "entries": []}, {"name": "![nonfree](https://github.com/paragonie/awesome-appsec/raw/master/img/nonfree.png) [Violent Python](http://www.amazon.com/Violent-Python-Cookbook-Penetration-Engineers/dp/1597499579)", "parent": "Books and ebooks", "entries": []}, {"name": "[OWASP Python Security Wiki (⭐407)](https://github.com/ebranca/owasp-pysec/wiki) (2014)", "parent": "Websites", "entries": []}, {"name": "[Secure Ruby Development Guide](https://docs.fedoraproject.org/en-US/Fedora_Security_Team/1/html/Secure_Ruby_Development_Guide/index.html) (2014)", "parent": "Books and ebooks", "entries": []}]}
						
						
					
				
				
					
						Reference in a new issue
					
					View git blame
					Copy permalink