Textbook ($30)

   

Secure Coding

Slides

8 Secure Programming   KEY · PDF
9 Low-Level Coding Flaws   KEY · PDF
10 Untrusted Input   KEY · PDF
11 Web Security   KEY · PDF
12 Security Testing    KEY · PDF

The Worst Mobile Apps (DEF CON 28, 2020) (PPTX) · (Keynote)

Projects

Linux Server Setup

H 201: Google Cloud Linux Server 10
SC 200: Cloud PHP Server 20

Manual Testing

SC 201: XSS 25
SC 202: Shell Code Injection 25
SC 203: SQL Injection 35
SC 204: Local File Inclusion 35
SC 205: Hardcoded Secrets 15
SC 206: Integer Overflow 15

Static Testing

SC 100: Installing the OWASP Juice Shop in the Cloud 25
W 700: SonarQube Code Scanner 15
SC 101: Scanning the OWASP Juice Shop with SonarQube 10 + 10 extra
SC 110: Finding Security Issues with Codacy 15
SC 111: Investigating Security Issues with Codacy 20
SC 120: Finding Security Issues with Semgrep 15
SC 130: Finding and Fixing Security Issues with Snyk 25

Dynamic Testing

SC 300: OWASP ZAP 45

Python Basics

VP 10: Python 3 Setup  10
VP 100: Strings  50
VP 110: Bytes and Files  25
ML 160: GitHub Copilot  15

Networking with Python

VP 200: Port Scanning  35
VP 210: HTTP  70

Cryptography with Python

VP 300: Password Hashes  85
VP 301: Caesar Cipher  52

Python Madness

VP 400: Machine Learning  50
C 510: Quantum Computing  20

Posted 7-2-24
Windows Server projects and scoreboard removed 7-17-24
Violent Python and ML 160 added 7-18-24