Application Security Wiki is an initiative to provide all Application security related resources to Security Researchers and developers at one place.
For me, the main source of information I use to learn about recent vulnerabilities or trends in application security is usually:
- /r/netsec
I have been on twitter for the past 4 years. However, I now i feel like there are too many tweets or information to take in and most of the time, it is same kind of information. In short: Information Overload. Also, we miss out on most of the information/tips because new information keeps coming in.
With this wiki, I am trying to fix the aforementioned problem by:
- Listing out all existing unique resources(quality > quantity) related to every vulnerability type.
- Providing a weekly newsletter of all new unique articles/tips/tricks/tweets.
- Will also update all information on the appsecwiki Twitter Account. .
Each type of vulnerability listed on this wiki is divided into the following four sections:
- Learning: It covers articles to learn about that vulnerability type.
- Writeups: This wiki is about quality over quantity, so I have only included writeups that have something to teach other than what is already in the Learning section.
- Cheatsheets/Payloads: It includes cheatsheets and payloads which can help when pentesting an application.
- Tools: Any tool related to the type of vulnerability that can help when pentesting an application.
It is awesome to see that you want to contribute to this wiki, which would directly help the community. You can contribute by adding any new piece of information on this wiki by:
- tweet to @appsecwiki
- creating a pull request on appsecwiki github repo
- emailing me at [email protected]
List of our awesome contributors to this wiki is at #Contributors
- Add more resources which can specifically help developers.
- Add Tips/Checklist for each vulnerbility types.