Secure Coding Guide

Security programming and secure coding guide.

This guide summarizes common secure coding weaknesses and practical countermeasures for application development.


Secure Coding Overview

Information Exposure Through Error Messages

SQL Injection

Cross-Site Scripting (XSS)

Automatic Connection to an Untrusted URL

System Data Information Exposure

Upload of Dangerous File Types

Path Manipulation and Resource Injection

Hard-coded Passwords

Weak Password Requirements

One-way Hash Functions Without Salt

Use of Weak Cryptographic Algorithms

Missing Limits on Repeated Authentication Attempts

Operating System Command Injection

Null Pointer Dereference

Improper Resource Release

Improper Authorization
