Programming Language Courses/References/Security (AppSec)

Table of Contents

Sort

  • Attack Surface Meter

    • Python package for collecting attack surface metrics from a software system. In its current version, Attack Surface Meter is capable of analyzing software systems written in the C programming language with skeletal support for analyzing software systems written in the Java programming language. The attack surface metrics collected are:
    • Proximity to Entry/Exit/Dangerous - The mean of shortest unweighted path length from a function/file to Entry Points/Exit Points/Dangerous Points.
    • Risky Walk - The probability that a function/file will be invoked on a random execution path starting at the attack surface.
  • Hide data inside pointers
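The two metrics listed for Attack Surface Meter are easy to misread without a concrete graph in front of you. The following is an added example, not Attack Surface Meter's own code: it builds a small constructed call graph for a hypothetical C network service, marks entry, exit and dangerous points by hand (the real tool derives these from the program), and computes both metrics. The direction convention is an assumption: entry points reach a function by following call edges forward, so proximity-to-entry is measured on the reversed graph, while exit and dangerous points are reached from the function and are measured on the forward graph. The random walk picks a uniformly random entry point, follows a uniformly random call site at each step, and stops at a function with no callees.

```python
"""Attack-surface metrics over a call graph: proximity and risky walk.

Added example, not Attack Surface Meter's own code. The call graph, the
entry/exit/dangerous point sets and the walk model are constructed for
the demo; real tooling derives them from the source or binary.
"""
from collections import deque
from fractions import Fraction

# Constructed call graph of a hypothetical C network service: caller -> callees.
CALL_GRAPH = {
    "main":           ["parse_args", "serve"],
    "parse_args":     ["getopt_wrapper"],
    "getopt_wrapper": [],
    "serve":          ["read_request"],
    "read_request":   ["recv_wrapper", "handle"],
    "recv_wrapper":   [],
    "handle":         ["render", "log_line"],
    "render":         ["strcpy_wrapper"],
    "strcpy_wrapper": [],
    "log_line":       ["write_wrapper"],
    "write_wrapper":  [],
}
ENTRY_POINTS = {"parse_args", "read_request"}   # receive argv / network input (assumed)
EXIT_POINTS = {"write_wrapper"}                 # hand data back out (assumed)
DANGEROUS_POINTS = {"strcpy_wrapper"}           # wrap a risky sink (assumed)


def reverse_graph(graph):
    """callee -> callers, so that paths from entry points can be walked backwards."""
    rev = {node: [] for node in graph}
    for caller, callees in graph.items():
        for callee in callees:
            rev.setdefault(callee, []).append(caller)
    return rev


def bfs_distances(graph, start):
    """Shortest unweighted path length from start to every reachable node."""
    dist = {start: 0}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        for nxt in graph.get(node, []):
            if nxt not in dist:
                dist[nxt] = dist[node] + 1
                queue.append(nxt)
    return dist


def proximity(graph, function, points):
    """Mean shortest path length from function to the points it can reach;
    None when none of them is reachable."""
    dist = bfs_distances(graph, function)
    lengths = [dist[p] for p in points if p in dist]
    return sum(lengths) / len(lengths) if lengths else None


def risky_walk(graph, function, entry_points):
    """Probability that a random execution path starting at a uniformly chosen
    entry point passes through function. Exact (Fraction); assumes an acyclic
    call graph, recursion raises ValueError."""
    memo, on_stack = {}, set()

    def reach(node):
        if node == function:
            return Fraction(1)
        if node in memo:
            return memo[node]
        if node in on_stack:
            raise ValueError("recursive call graph not supported at %s" % node)
        on_stack.add(node)
        callees = graph.get(node, [])
        prob = Fraction(0)
        if callees:
            share = Fraction(1, len(callees))      # each call site equally likely
            for callee in callees:
                prob += share * reach(callee)
        on_stack.discard(node)
        memo[node] = prob
        return prob

    entries = sorted(entry_points)
    return sum((reach(e) for e in entries), Fraction(0)) / len(entries)


def attack_surface_metrics(graph, entries, exits, dangerous):
    """All four metrics for every function in the graph."""
    rev = reverse_graph(graph)
    return {
        fn: {
            "proximity_entry": proximity(rev, fn, entries),
            "proximity_exit": proximity(graph, fn, exits),
            "proximity_dangerous": proximity(graph, fn, dangerous),
            "risky_walk": risky_walk(graph, fn, entries),
        }
        for fn in graph
    }


if __name__ == "__main__":
    metrics = attack_surface_metrics(CALL_GRAPH, ENTRY_POINTS, EXIT_POINTS, DANGEROUS_POINTS)
    for fn, m in metrics.items():
        print(f"{fn:15s} entry={m['proximity_entry']} exit={m['proximity_exit']} "
              f"dangerous={m['proximity_dangerous']} risky_walk={m['risky_walk']}")
```

In this graph `strcpy_wrapper` has a risky-walk probability of 1/8 and `main` of 0: the metric ranks functions by how likely attacker-driven control flow is to reach them, not by how central they are, which is why `main` scores low despite calling everything. A low proximity-to-dangerous together with a high risky-walk value is the combination worth reviewing first.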

Libraries for Java -> https://www.owasp.org/index.php/Category:Java#tab=Related_3rd_Party_Projects

http://en.cppreference.com/w/c

  • Syntribos
    • Syntribos is an open source automated API security testing tool that is maintained by members of the OpenStack Security Project. Given a simple configuration file and an example HTTP request, syntribos can replace any API URL, URL parameter, HTTP header and request body field with a given set of strings. Syntribos iterates through each position in the request automatically. Syntribos aims to automatically detect common security defects such as SQL injection, LDAP injection, buffer overflow, etc. In addition, syntribos can be used to help identify new security defects by automated fuzzing.
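The mechanics behind the description above (take one example request, walk every position, substitute each payload) are worth seeing in code. This is an added example, not syntribos code: a constructed example request for a hypothetical API and a tiny payload set are embedded inline, and the function produces one copy of the request per (position, payload) pair, replacing URL path segments, query parameter values, header values and top-level JSON body fields in turn while leaving everything else untouched. Nothing is sent anywhere; the names and the request are assumptions for the demo.

```python
"""Position-by-position HTTP request mutation in the style of syntribos.

Added example, not syntribos code. Produces mutated copies of an example
request; sending them and diffing the responses is left to the caller.
"""
import json
from urllib.parse import parse_qsl, urlencode

# Constructed example request for a hypothetical API (not a real endpoint).
EXAMPLE_REQUEST = (
    "POST /v1/users/42/notes?verbose=1 HTTP/1.1\r\n"
    "Host: api.example.test\r\n"
    "X-Auth-Token: abc123\r\n"
    "Content-Type: application/json\r\n"
    "\r\n"
    '{"title": "hello", "tags": ["a", "b"]}'
)

# Small constructed payload set: SQL injection, length/overflow, LDAP filter breakout.
PAYLOADS = ["' OR 1=1--", "A" * 512, "*)(uid=*))(|(uid=*"]


def parse_request(raw):
    """Split a raw request into (method, target, version, headers, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    method, target, version = lines[0].split(" ", 2)
    headers = [tuple(line.split(": ", 1)) for line in lines[1:]]
    return method, target, version, headers, body


def build_request(method, target, version, headers, body):
    head = "\r\n".join([f"{method} {target} {version}"] + [f"{k}: {v}" for k, v in headers])
    return head + "\r\n\r\n" + body


def positions(req):
    """List of (label, mutate) pairs; mutate(payload) returns the request with
    only that one position replaced by the payload."""
    method, target, version, headers, body = req
    path, _, query = target.partition("?")
    segments = path.split("/")
    params = parse_qsl(query, keep_blank_values=True)
    spots = []

    def with_target(new_target):
        return build_request(method, new_target, version, headers, body)

    def join_target(new_path, new_params):
        return new_path + ("?" + urlencode(new_params) if new_params else "")

    for i, seg in enumerate(segments):
        if not seg:                       # skip the empty segment before the leading slash
            continue
        spots.append((f"url.path[{i}]", lambda p, i=i: with_target(
            join_target("/".join(segments[:i] + [p] + segments[i + 1:]), params))))
    for i, (name, _) in enumerate(params):
        spots.append((f"url.query.{name}", lambda p, i=i, name=name: with_target(
            join_target(path, params[:i] + [(name, p)] + params[i + 1:]))))
    for i, (name, _) in enumerate(headers):
        if name.lower() == "host":        # keep routing intact so the request still lands
            continue
        spots.append((f"header.{name}", lambda p, i=i, name=name: build_request(
            method, target, version, headers[:i] + [(name, p)] + headers[i + 1:], body)))
    doc = None
    if body:
        try:
            doc = json.loads(body)
        except ValueError:
            pass                          # non-JSON bodies are not mutated in this demo
    if isinstance(doc, dict):
        for key in doc:
            spots.append((f"body.json.{key}", lambda p, key=key: build_request(
                method, target, version, headers, json.dumps({**doc, key: p}))))
    return spots


def mutate_request(raw, payloads):
    """Every (label, payload, mutated_request) triple for the given request."""
    req = parse_request(raw)
    return [(label, p, mutate(p)) for label, mutate in positions(req) for p in payloads]


if __name__ == "__main__":
    for label, payload, _ in mutate_request(EXAMPLE_REQUEST, PAYLOADS):
        print(f"{label:22s} <- {payload[:24]!r}")
```

The example request has nine mutable positions, so three payloads yield 27 requests. Two things a real run adds: Content-Length must be recomputed after a body mutation, and the interesting signal is the difference between responses (status, length, timing, error text) for the same position across payloads, not any single response.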

End Sort


General

  • The content here is just stuff I've come across or think would be useful to someone in infosec. It is not to be taken as anything beyond a suggestion about stuff.
  • 101
  • Design Patterns
  • Educational
    • App Ideas - Stuff to build out to improve your programming skills
    • How to be a Programmer: Community Version
      • To be a good programmer is difficult and noble. The hardest part of making real a collective vision of a software project is dealing with one's coworkers and customers. Writing computer programs is important and takes great intelligence and skill. But it is really child's play compared to everything else that a good programmer must do to make a software system that succeeds for both the customer and myriad colleagues for whom he or she is partially responsible. In this essay I attempt to summarize as concisely as possible those things that I wish someone had explained to me when I was twenty-one.
    • Learn_X_in_Y_Minutes
    • Hyperpolyglot
  • General
  • Articles/Blogposts/Writeups
  • Talks
  • Testing
    • Big picture software testing unit testing, Lean Startup, and everything in between PyCon 2017
      • There are many ways you can test your software: unit testing, manual testing, end-to-end testing, and so forth. Take a step back and you'll discover even more forms of testing, many of them very different in their goals: A/B testing, say, where you see which of two versions of your website results in more signups or ad clicks. How do these forms of testing differ, how do they relate to each other? How do you choose which kind of testing to pursue, given limited time and resources? How do you deal with strongly held yet opposite views arguing either that a particular kind of testing is essential or that it's a waste of time? This talk will provide you with a model, a way to organize all forms of testing and understand what exactly they provide, and why. Once you understand the model you will be able to choose the right form of testing for your situation and goals.
  • Miscellaneous
  • Six Stages of debugging
    • 1. That can’t happen.
    • 2. That doesn’t happen on my machine.
    • 3. That shouldn’t happen.
    • 4. Why does that happen?
    • 5. Oh, I see.
    • 6. How did that ever work?

Secure Development Practices/Resources


Source Code Analysis

  • Articles/Blogposts/Writeups
  • General
    • Code-Audit-Challenges
    • InsecureProgramming
      • Insecure Programming by Example - Teach yourself how buffer overflows, format strings, numeric bugs, and other binary security bugs work and how to exploit them
  • Presentations/Talks
    • Code Insecurity or Code in Security - Mano 'dash4rk' Paul - Derbycon2014
      • Attendees of this talk will benefit from learning about what constitutes insecure code and the associated attacks that stem from such code. Applicable attacks ranging from injection to reversing will be demonstrated to reinforce the contents of this talk. This way, the attendee would not only be taught “What not to do?” but also “Why they should not do what they ought not to do?”. Finally, attendees will also be introduced to secure development processes such as protection needs elicitation, threat modeling, code review and analysis, and secure deployment, to illustrate that while writing secure code is one important aspect of software security, there is more to securing applications than what meets the eye. Come for a fun-filled, interactive session and your chance to win one of the personalized and autographed copies of the speaker’s renowned book – The 7 Qualities of Highly Secure Software.
  • Tools
    • RIPS
      • RIPS is a tool written in PHP to find vulnerabilities in PHP applications using static code analysis. By tokenizing and parsing all source code files RIPS is able to transform PHP source code into a program model and to detect sensitive sinks (potentially vulnerable functions) that can be tainted by user input (influenced by a malicious user) during the program flow. Besides the structured output of found vulnerabilities RIPS also offers an integrated code audit framework for further manual analysis.
    • PHPMD - PHP Mess Detector
      • What PHPMD does is: It takes a given PHP source code base and look for several potential problems within that source. These problems can be things like: Possible bugs; Suboptimal code; Overcomplicated expressions; Unused parameters, methods, properties.
    • PMD
      • PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth. It supports Java, JavaScript, Salesforce.com Apex and Visualforce, PLSQL, Apache Velocity, XML, XSL. Additionally it includes CPD, the copy-paste-detector. CPD finds duplicated code in Java, C, C++, C#, PHP, Ruby, Fortran, JavaScript, PLSQL, Apache Velocity, Scala, Objective C, Matlab, Python, Go.
    • Graudit
      • Graudit is a simple script and set of signatures that lets you find potential security flaws in source code using the GNU utility grep. It's comparable to other static analysis applications such as RATS.
    • How to find 56 potential vulnerabilities in FreeBSD code in one evening
    • Phan
      • Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.
    • Django-Security
      • This package offers a number of models, views, middlewares and forms to facilitate security hardening of Django applications.
    • FindBugs
      • The FindBugs plugin for security audits of Java web applications.
    • bundler-audit
      • Patch-level verification for Bundler
    • OWASP SafeNuGet
      • OWASP SafeNuGet is an MsBuild task to warn about insecure NuGet libraries: https://nuget.org/packages/SafeNuGet/
    • Infer
      • Infer is a static analysis tool for Java, Objective-C and C, written in OCaml.
    • SourceTrail
      • A cross-platform source explorer for C/C++ and Java
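The RIPS entry above describes the core of every taint-style static analyzer: parse the code into a model, mark the calls that return attacker-controlled data as sources, mark the functions that must never receive such data as sinks, and follow the data from one to the other. The following is an added example, not RIPS code and not PHP: it applies the same idea to Python source with the standard `ast` module (3.9+ for `ast.unparse`), so it runs offline on the constructed sample embedded below. The source, sink and sanitizer sets are assumptions for the demo; the analysis is intraprocedural and flow-insensitive (a variable once tainted stays tainted for the rest of its function), which over-approximates on purpose.

```python
"""Toy source-to-sink taint analysis over Python code, in the spirit of RIPS.

Added example, not RIPS code. Sources return attacker-controlled data,
sinks must not receive it unsanitized, sanitizers break the taint.
Taint propagates through assignments, string concatenation, % and
.format() and f-strings, and method calls on a tainted receiver.
"""
import ast

# Assumed sets for the demo; a real tool ships a far larger catalogue.
SOURCES = {"input", "request.args.get", "request.form.get", "sys.stdin.readline"}
SINKS = {"os.system": (0,), "subprocess.call": (0,), "cursor.execute": (0,), "eval": (0,)}
SANITIZERS = {"int", "shlex.quote"}


def dotted(node):
    """'a.b.c' for a Name/Attribute chain, None for anything else."""
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute):
        base = dotted(node.value)
        return None if base is None else base + "." + node.attr
    return None


class TaintChecker(ast.NodeVisitor):
    def __init__(self):
        self.tainted = set()    # tainted variable names in the current scope
        self.findings = []      # (sink, line number, offending argument as source text)

    def is_tainted(self, node):
        if isinstance(node, ast.Name):
            return node.id in self.tainted
        if isinstance(node, ast.Call):
            name = dotted(node.func)
            if name in SOURCES:
                return True
            if name in SANITIZERS:
                return False                       # int(x), shlex.quote(x) break the chain
            if isinstance(node.func, ast.Attribute) and self.is_tainted(node.func.value):
                return True                        # tainted.strip(), tainted.lower(), ...
            return any(self.is_tainted(a) for a in node.args)   # "...".format(tainted)
        if isinstance(node, ast.BinOp):            # "..." + tainted, "..." % tainted
            return self.is_tainted(node.left) or self.is_tainted(node.right)
        if isinstance(node, ast.JoinedStr):        # f"...{tainted}"
            return any(self.is_tainted(v.value) for v in node.values
                       if isinstance(v, ast.FormattedValue))
        if isinstance(node, (ast.Tuple, ast.List)):
            return any(self.is_tainted(e) for e in node.elts)
        return False

    def visit_FunctionDef(self, node):
        saved, self.tainted = self.tainted, set()  # fresh scope per function
        self.generic_visit(node)
        self.tainted = saved

    visit_AsyncFunctionDef = visit_FunctionDef

    def visit_Assign(self, node):
        if self.is_tainted(node.value):
            for target in node.targets:
                if isinstance(target, ast.Name):
                    self.tainted.add(target.id)
        self.generic_visit(node)

    def visit_Call(self, node):
        name = dotted(node.func)
        if name in SINKS:
            for idx in SINKS[name]:                # only the dangerous argument positions
                if idx < len(node.args) and self.is_tainted(node.args[idx]):
                    self.findings.append((name, node.lineno, ast.unparse(node.args[idx])))
        self.generic_visit(node)


def find_taint_flows(source):
    """All (sink, line, argument) flows from a source to a sink in the given code."""
    checker = TaintChecker()
    checker.visit(ast.parse(source))
    return checker.findings


# Constructed sample under analysis: two real flows, two sanitized/parameterised ones.
SAMPLE = '''
import os, shlex
from flask import request

def run_tool():
    host = request.args.get("host")
    os.system("ping -c1 " + host)
    os.system("ping -c1 " + shlex.quote(host))

def lookup(cursor):
    uid = request.form.get("id")
    cursor.execute("SELECT * FROM users WHERE id=%s" % uid)
    cursor.execute("SELECT * FROM users WHERE id=?", (uid,))
    n = int(uid)
    cursor.execute(f"SELECT * FROM t LIMIT {n}")

def banner():
    os.system("uname -a")
'''

if __name__ == "__main__":
    for sink, line, arg in find_taint_flows(SAMPLE):
        print(f"line {line}: tainted data reaches {sink}({arg})")
```

Two design points carry over to real tools. Sinks are indexed by argument position so that `cursor.execute("... id=?", (uid,))` is correctly treated as safe: the tainted value travels in the parameter tuple, never in the query text. And sanitizers are modelled as taint-breaking calls, which is where most false negatives come from in practice; a sanitizer that is wrong for the sink (HTML-escaping before a shell command, say) still clears the taint in this model.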

APIs

  • 101
  • API Security Checklist
    • Checklist of the most important security countermeasures when designing, testing, and releasing your API

Assembly x86/x64/ARM


Android (Kotlin/Android Java)


Bash


C/C++


C#


Go


Java


Javascript

  • 101
  • Vanilla JS
  • Node.js
    • Node.js Best Practices
      • The largest Node.JS best practices list. Curated from the top ranked articles and always updated
  • Learn
    • Mostly Adequate Guide
      • This is a book on the functional paradigm in general. We'll use the world's most popular functional programming language: JavaScript. Some may feel this is a poor choice as it's against the grain of the current culture which, at the moment, feels predominately imperative.
  • Reference
  • Tools
  • Other

Lisp


Lua

  • Lua
    • Official Homepage
  • Lua - Getting Started
  • Learn
    • Learn X in Y minutes, Where X=Lua
    • Lua code: security overview and practical approaches to static analysis
      • Abstract — Lua is an interpreted, cross-platform, embeddable, performant and low-footprint language. Lua’s popularity is on the rise in the last couple of years. Simple design and efficient usage of resources combined with its performance make it attractive for production web applications even to big organizations such as Wikipedia, CloudFlare and GitHub. In addition to this, Lua is one of the preferred choices for programming embedded and IoT devices. This context allows one to assume a large and growing Lua codebase yet to be assessed. This growing Lua codebase could be potentially driving production servers and an extremely large number of devices, some perhaps with mission-critical function, for example in automotive or home-automation domains. However, there is a substantial and obvious lack of static analysis tools and vulnerable code corpora for Lua as compared to other increasingly popular languages, such as PHP, Python and JavaScript. Even the state-of-the-art commercial tools that support dozens of languages and technologies actually do not support Lua static code analysis. In this paper we present the first public Static Analysis for Security Testing (SAST) tool for Lua code that is currently focused on web vulnerabilities. We show its potential with good and promising preliminary results that we obtained on simple and intentionally vulnerable Lua code samples that we synthesized for our experiments. We also present and release our synthesized corpus of intentionally vulnerable Lua code, as well as the testing setups used in our experiments in the form of virtual and completely reproducible environments. We hope our work can spark additional and renewed interest in this apparently overlooked area of language security and static analysis, as well as motivate the community’s contribution to these open-source projects. The tool, the samples and the testing VM setups will be released and updated at http://lua.re and http://lua.rocks
  • Tools
    • REPL.lua
      • a reusable Lua REPL written in Lua, and an alternative to /usr/bin/lua

.NET


Perl


Powershell

```powershell
try {
    # stuff
} catch {
    # Inside catch, $_ is the ErrorRecord; the original snippet's "$." is a syntax error.
    $ErrorMessage = $_.Exception.Message
    $ErrorSource  = $_.Exception.Source
    $err = $ErrorSource + " reports: " + $ErrorMessage
}
```


PHP


Python


Ruby


SQL


Swift

  • Alamofire
    • Alamofire is an HTTP networking library written in Swift.

UEFI Programming


Other