security principles: https://www.owasp.org/index.php/Security_by_Design_Principles
application design: https://www.owasp.org/images/f/f7/Checklist_For_Design.pdf
more in depth: https://security-and-privacy-reference-architecture.readthedocs.io/en/latest/08-security-principles.html#
pro-active: https://www.owasp.org/images/b/bc/OWASP_Top_10_Proactive_Controls_V3.pdf
blangus / google-dorks
Created July 8, 2019 14:25 — forked from stevenswafford/google-dorks
Listing of a number of useful Google dorks.
" _ _ "
" _ /|| . . ||\ _ "
" ( } \||D ' ' ' C||/ { % "
" | /\__,=_[_] ' . . ' [_]_=,__/\ |"
" |_\_ |----| |----| _/_|"
" | |/ | | | | \| |"
" | /_ | | | | _\ |"
It is all fun and games until someone gets hacked!
blangus / jwt-security
Last active July 3, 2019 11:59
jwt security stuff
cheatsheet: https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/JSON_Web_Token_Cheat_Sheet_for_Java.md
jwt security handbook: https://tools.ietf.org/pdf/draft-ietf-oauth-jwt-bcp-06.pdf
jwt handbook (chapter 2.1): https://assets.ctfassets.net/2ntc334xpx65/o5J4X472PQUI4ai6cAcqg/c0f09bd6d2ec494462ea684ab065781d/jwt-handbook-v0_14_1.pdf
openid (chapter 8): https://bitbucket.org/openid/fapi/src/master/Financial_API_WD_002.md?at=master&fileviewer=file-view-default#markdown-header-8-security-considerations