Why Software Remains Insecure
There are myriad theories as to why software remains insecure after we've spent decades trying to solve the problem. Common reasons include:
·danielmiessler.com·
The CEO Cybersecurity Challenge
The CEO Cybersecurity Challenge (#ceocybersecuritychallenge) is designed to get any organisation to the root of their security problems: their people.
·davidfroud.com·
Targeted Attacks: The Game - Protect your data. Make the right choices.
At any moment, many competitors or malicious individuals would like to get their hands on your company's data. Are you ready to make the right choices? Have you assessed the budget you will need to put a security policy in place? Is your company prepared for any possible cyberattack?
·targetedattacks.trendmicro.com·
CSRF in Action 🎭
Demonstration of Cross-Site Request Forgery (CSRF) with a simple todo app.
·smellycode.com·
yadox666/The-Hackers-Hardware-Toolkit
The best hacker's gadgets for Red Team pentesters and security researchers. - yadox666/The-Hackers-Hardware-Toolkit
·github.com·
Defensive Coding Guide
Introducing the Defensive Coding Guide. The Defensive Coding Guide provides guidelines for improving software security through secure coding. It covers common programming languages and libraries, and focuses on concrete recommendations.
·developers.redhat.com·
A Pentester's Guide - Part 1 (OSINT - Passive Recon and Discovery of Assets)
(Heads up before you start reading, this article was written by Ben Bidmead at Delta, formerly known as Sequoia Cyber Solutions, this post is quite old now and so a lot of the stuff here is broken and has been re-posted for completeness). To kick off this series on offensive security techniques, I am going to begin with what I consider to be the most important aspects of pentesting. Passive Recon and OSINT. Now, do not let the word ‘passive’ fool you. This is no light recon; you can uncover vas
·delta.navisec.io·
So You Want To Be a Pentester?
It goes without saying that being a Professional Penetration Tester is one of the “sexier” jobs in InfoSec. I mean, let’s be honest here - who wouldn’t want to break into buildings, and hack companies like Elliot from Mr. Robot, or carry out crazy hacks against banks and casinos like in the Oceans Series, all while doing it legally?
·jhalon.github.io·
Do I need HTTPS on my site?
Find out whether your website needs to move to HTTPS.
·faut-il-https-sur-mon-site.fr·
Ghidra
·cur.at·
imthenachoman/How-To-Secure-A-Linux-Server
An evolving how-to guide for securing a Linux server. - imthenachoman/How-To-Secure-A-Linux-Server
·webopsweekly.com·
Revoking of certificates
Managing certificates, and rotating them in due time can quickly get out of hand.
·security.christmas·
Security Checklist
A checklist for staying safe on the internet
·hackernewsletter.us1.list-manage.com·
12 Open Source Web Security Scanner to Find Vulnerabilities
An interesting report by Symantec reveals that 76% of scanned websites had malware, and if you are using WordPress, another report by SUCURI shows that more than 70% of scanned websites were infected with one or more vulnerabilities. As a web application owner, how do you ensure your site is protected from online threats? Doesn’t […]
·geekflare.com·
Hack This Site!
A legal and safe web application security educational resource.
·hackthissite.org·
Levels - HackThis!!
Want to learn about hacking, hackers and network security? Try our hacking challenges or join our community to discuss the latest software and cracking tools.
·hackthis.co.uk·
OWASP/OWASPWebGoatPHP
A deliberately vulnerable web application for learning web application security. - OWASP/OWASPWebGoatPHP
·github.com·
Securing Your Site like It’s 1999
Katie Fenn opens the door on our 2018 season by transporting us back to the turn of the century when new lessons were being learned about web security. Those who don’t learn from the past are condemned to repeat it, so fasten up your winter coat and let Katie lead you through some of the darker parts of the forest.
·nodeweekly.com·
James Lyne: Everyday cybercrime -- and what you can do about it | TED Talk
How do you pick up a malicious online virus, the kind of malware that snoops on your data and taps your bank account? Often, it's through simple things you do each day without thinking twice. James Lyne reminds us that it's not only the NSA that's watching us, but ever-more-sophisticated cybercriminals, who exploit both weak code and trusting human nature.
·ted.com·
4 SQL Injection Techniques For Stealing Data
Learn how hackers use SQL injection to obtain data from your servers and what you can do through T-SQL code and server settings to stop them.
·dbweekly.com·
minimaxir/big-list-of-naughty-strings
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data. - minimaxir/big-list-of-naughty-strings
·smashingmagazine.us1.list-manage.com·