Forem: Stefan Streichsbier

Awesome .NET Security

Stefan Streichsbier — Wed, 06 Feb 2019 09:22:18 +0000

Hey Devs, do you like #dotnet and #security?

Then you might 💖 this curated list of awesome-dotnet-security resources to help fortify .NET code.

guardrailsio / awesome-dotnet-security

Awesome .NET Security Resources

A curated list of awesome .NET Security related resources.

List inspired by the awesome list thing.

Supported by: GuardRails.io

Tools

Libraries

.NET Core Security Headers - Middleware for adding security headers to an ASP.NET Core application.
NetEscapades.AspNetCore.SecurityHeaders - Small package to allow adding security headers to ASP.NET Core websites.
HtmlSanitizer - Cleans HTML to avoid XSS attacks.
JWT .NET - Jwt.Net, a JWT (JSON Web Token) implementation for .NET.
NWebsec - Security libraries for ASP.NET.
AspNetSaml - SAML client library, allows adding SAML single-sign-on to your ASP.NET app.
AspNetCoreRateLimit - Package that will let you set rate limits for your .NET Core Api.

Static Code Analysis

GuardRails - Continuous verification platform that integrates tightly with leading version control systems.
Security Code Scan - Vulnerability Patterns Detector for C# and VB.NET.
Puma Scan - Puma Scan is a .NET software secure code analysis tool providing real…

View on GitHub

Did I miss anything? Let me know in the comments.

And, please leave a like (or ⭐ the repo) if you find it useful.

Awesome Java Security 🕶☕🔐

Stefan Streichsbier — Tue, 22 Jan 2019 05:23:37 +0000

The first version of Java was released on January 23, 1996. Since then Java is said to run on over 3 billion devices. Many of these devices are web servers.

Java is one of the top 5 most popular technologies, according to the 2018 StackOverflow survey.

For this reason, I've compiled a curated list of awesome-java-security resources to help devs code securely with Java.

guardrailsio / awesome-java-security

Awesome Java Security Resources 🕶☕🔐

A curated list of awesome Java security-related resources.

List inspired by the awesome list thing.

Supported by: GuardRails.io

Tools

Web Framework Hardening

Apache Shiro - A powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management.
JJWT - Java JWT: JSON Web Token for Java and Android.
OWASP ESAPI Java - Enterprise Security API is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications.
PAC4J - Security engine for Java to authenticate users, get their profiles and manage authorizations in order to secure web applications and web services.
Spring Security - A powerful and highly customizable authentication and access-control framework.
Spring Security Oauth - Support for adding OAuth1(a) and OAuth2 features (consumer and provider) for Spring web applications.

Multi tools

hawkeye - Multi-purpose security/vulnerability/risk scanning tool supporting Ruby, Node.js, Python, PHP and…

View on GitHub

Did I miss anything? Let me know in the comments.

And, please leave a like (or ⭐ the repo) if you find it useful.

Awesome Python Security 🕶🐍🔐

Stefan Streichsbier — Thu, 10 Jan 2019 04:48:42 +0000

After the success of the Awesome PHP and Golang lists, it was time to put the spotlight on Python, which is the 3rd most widely used programming language according to GitHub. See https://octoverse.github.com/projects#languages.

Check out the curated list of awesome-python-security resources here:

guardrailsio / awesome-python-security

Awesome Python Security resources 🕶🐍🔐

A curated list of awesome Python security related resources.

List inspired by the awesome list thing.

Supported by: GuardRails.io

Tools

Web Framework Hardening

Secure.py - secure.py 🔒 is a lightweight package that adds optional security headers and cookie attributes for Python web frameworks.
Flask-HTTPAuth - Simple extension that provides Basic, Digest and Token HTTP authentication for Flask routes.
Flask Talisman - Talisman is a small Flask extension that handles setting HTTP headers that can help protect against a few common web application security issues.
Django deployment checklist - Web framework Django has built-in feature to check for security configurations: run this command manage.py check --deploy. It's really helpful as it already included in the framework.
Django Session CSRF - CSRF protection for Django without cookies.

Multi tools

hawkeye - Multi purpose security/vulnerability/risk scanning tool supporting Ruby, Node.js, Python, PHP and Java.
GuardRails -…

View on GitHub

Did I miss anything? Let me know in the comments.

And, please leave a like (or ⭐ the repo) if you find it useful.

Awesome Golang Security 🕶🔐

Stefan Streichsbier — Thu, 27 Dec 2018 08:37:09 +0000

Golang is getting a lot of traction lately.

Leveraging awesome security tools to code securely with Go is becoming increasingly important.

For this reason, I've compiled a curated list of awesome-golang-security resources here:

guardrailsio / awesome-golang-security

Awesome Golang Security resources 🕶🔐

A curated list of awesome golang Security related resources.

List inspired by the awesome list thing.

Supported by: GuardRails.io

Tools

Web Framework Hardening

nosurf - CSRF protection middleware for Go.
gorilla/csrf - Provides Cross-Site Request Forgery (CSRF) prevention middleware for Go web applications & services.
gorilla/securecookie - Encodes and decodes authenticated and optionally encrypted cookie values for Go web applications.
secure - Secure is an HTTP middleware for Go that facilitates most of your security needs for web applications.
unindexed - A drop-in replacement for http.Dir which disables directory indexing.
beego-security-headers - beego framework filter for easy security headers management.

Libraries

paseto - Platform-Agnostic Security Tokens implementation in GO (Golang).
hsts - Go HTTP Strict Transport Security library.
jwt-go - Golang implementation of JSON Web Tokens (JWT).
httprobe - Take a list of domains and probe for working HTTP and HTTPS servers.

Static Code Analysis

…

View on GitHub

Did I miss anything? Let me know in the comments.

And, please leave a like (or ⭐ the repo) if you find it useful.

Awesome PHP Security 🕶🐘🔐

Stefan Streichsbier — Mon, 17 Dec 2018 04:27:20 +0000

PHP is still a very popular and widely used language. There are a lot of great security tools and resources available for PHP that are scattered all over the place.

For this reason, I've compiled a curated list of awesome-php-security resources here:

guardrailsio / awesome-php-security

Awesome PHP Security Resources 🕶🐘🔐

A curated list of awesome PHP Security related resources.

List inspired by the awesome list thing.

Supported by: GuardRails.io

Tools

Web Framework Hardening

Snuffleupagus - Security mondule for PHP7/8, the successsor to suhosin.
Secure-Headers - Add security related headers to HTTP response.

Static Code Analysis

Enlightn - Enlightn is a static and dynamic analysis tool to improve the security of Laravel applications.
Exakat - Exakat is a PHP static code analysis, with serious Security reviews.
phpcs-security-audit - phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code
- docker pull guardrails/phpcs-security-audit
progpilot - A static analyzer for security purposes.
Parse - The Parse scanner is a static scanning tool to review your PHP code for potential security-related issues.
SonarPHP from SonarQube - A…

View on GitHub

Did I miss anything? Let me know in the comments.

And, please leave a like (or ⭐ the repo) if you find it useful.

Forem: Stefan Streichsbier

Awesome .NET Security

guardrailsio / awesome-dotnet-security

Awesome .NET Security Resources

Contents

Tools

Libraries

Static Code Analysis

Awesome Java Security 🕶☕🔐

guardrailsio / awesome-java-security

Awesome Java Security Resources 🕶☕🔐

Contents

Tools

Web Framework Hardening

Multi tools

Awesome Python Security 🕶🐍🔐

guardrailsio / awesome-python-security

Awesome Python Security resources 🕶🐍🔐

Contents

Tools

Web Framework Hardening

Multi tools

Awesome Golang Security 🕶🔐

guardrailsio / awesome-golang-security

Awesome Golang Security resources 🕶🔐

Contents

Tools

Web Framework Hardening

Libraries

Static Code Analysis

Awesome PHP Security 🕶🐘🔐

guardrailsio / awesome-php-security

Awesome PHP Security Resources 🕶🐘🔐

Contents

Tools

Web Framework Hardening

Static Code Analysis