Skip to content
/ appsec-notes Public

My Application Security Notes - web, mobile, thick client, API, and more.

12 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

nybble04/appsec-notes

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

58 Commits
api
api
 
 
code-review
code-review
 
 
devsecops
devsecops
 
 
mobile
mobile
 
 
web
web
 
 
README.md
README.md
 
 
appsec.png
appsec.png
 
 

Repository files navigation

Application Security Notes

devsecops components

Topics:

  • This is an ever-growing checklist that expands with my never-ending learning. 🤓
  • Links to supplementary resources or credits are added within the notes.
  • I'm no expert, so feel free to raise a PR with any corrections.

Web Application Security

  • OWASP Top 10
  • XSS, CSP
  • CSRF, CORS, SOP
  • Open redirect
  • SSRF
  • SQLi
  • NoSQLi
  • XPATHi
  • XXE
  • LFI, RFI
  • SSTI
  • JWT
  • Broken Access Control, IDOR
  • Clickjacking
  • Business Logic Flaws
  • Race Conditions
  • HTTP Host header Attacks
  • OAuth 2.0
  • SAML
  • Web Socket Vulnerabilities
  • Insecure deserialization
  • Prototype Pollution
  • HTTP Request Smuggling
  • Web Cache Poisoning
  • DOM vulnerabilities

Mobile Security

  • OWASP Top 10
  • Android
  • iOS

API Security

  • OWASP Top 10
  • REST API
  • GraphQL

Thick Client Security

  • Thick/Heavy/Rich/Fat client

DevSecOps Concepts

  • Concepts - ShiftLeft, Agile, CI/CD, SAST/SCA
  • Docker Security
  • Kubernetes Security
  • Threat Modeling

About

My Application Security Notes - web, mobile, thick client, API, and more.

Topics

cybersecurity penetration-testing application-security web-security mobile-security information-security vulnerability-assessment secure-coding owasp-top-10 source-code-analysis api-security security-engineer interview-preperation

Resources

Readme
Activity

Stars

12 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published