💪 Code Literacy is a Super Power for Hackers 💪
(and Security Literacy is a super power for devs)
Knowing how vulnerabilities are mitigated makes you a 10x engineer (sec or dev)
Check out this thread for some of my fav 🔥FREE🔥 resources. ⬇️
(Also send me more!)
📣 1st off, if you're a 🛠️Hacker🛠️ or security person:
☢️ You don't need to be a dev. You just need to understand the concepts of mitigating common vulnerabilities. Bonus points for knowing frameworks that eliminate them entirely
📣 2nd, if you're a 🛠️Dev🛠️ :
☢️ You don't need to be a hacker. You just need to understand the concepts of exploiting common vulnerabilities. Then you use some of these resources to help mitigate them.
1⃣ Snyk's Academy
@snyksec has a free academy which has over sixty vulns and lessons on remediating them in Java, JavaScript, PHP, and Python.
learn.snyk.io
2⃣ Secure Code Warrior
@SecCodeWarrior offers a no-obligation 14-day trial to their platform. Even after that, it has free vids on many topics.
securecodewarrior.com
3⃣ Codebashing by @Checkmarx
Codebashing offers a free unlimited trial. 41 lessons on discrete CVEs to code-level OWASP Top 10 vulns.
codebashing.com
4⃣ Hacksplaining
Hacksplaining offers several lessons (and has a print book by No Starch). It covers more of the theory and attacker side but then does have fix code snippets at the end of every lesson.
hacksplaining.com
5⃣ Contrast's Developer Central Secure code Lessons
@contrastsec has published lessons and mitigation annotations in 1pagers for security people and developers. It's less interactive but still great, with a few videos in there to spice it up.
contrastsecurity.com
6⃣ Avatao Dev Sec Training
@theavatao offers 3 free exercises in their paid course of your choice. Content looks very modern. I wonder how they control that? 🤔 🤐
avatao.com
7⃣ Veracode's Security Labs Community Edition
@Veracode offers dozens of free resources in their community edition Security labs.
info.veracode.com
8⃣ OWASP's Secure Coding Dojo
This one is a self-hosted learning platform in Java with lessons hosted and an insecure app to fix. It's dockerized for convenience.
github.com
9⃣ Kontra by ThriveDX
Kontra by @TDX_Enterprise offers many of the OWASP Top Ten Exercises free and has a free trial. I like the innovative platform!
application.security
Oh, one more I'm REALLY excited about:
🔟 Appsec Engineer
Some of the very freshest content on security engineering. A free trial offers access to 7 courses for 15 days.
Seriously watching this one...
checkout.appsecengineer.com