Tag

Secure Coding


Selected Java Interview Questions
Jan 12, 2025 · Information Security

Encrypting and Dynamically Decrypting Spring Boot JAR Files for Secure Deployment

This article demonstrates a practical approach to protect sensitive Spring Boot applications by encrypting the JAR with AES, storing the key in a secure vault, and using a custom ClassLoader to decrypt and load classes at runtime, while highlighting key management, performance, and additional hardening considerations.

AES · ClassLoader · JAR encryption
0 likes · 8 min read
php中文网 Courses
Nov 15, 2024 · Information Security

Best Practices for Securing PHP Applications

This guide outlines comprehensive, actionable steps for PHP developers to build secure applications by using the latest PHP version, enforcing HTTPS, sanitizing input, managing passwords, preventing XSS and CSRF, handling sessions, logging errors, securing file uploads, and applying the principle of least privilege.

PHP · Secure Coding · Web Security
0 likes · 10 min read
360 Smart Cloud
Jul 11, 2024 · Information Security

Web Security Fundamentals: Secure Coding, SQL Injection, XSS, and File Management

This article provides a comprehensive overview of web security, covering authentication, input validation, secure coding practices, SQL injection and XSS attack mechanisms, detection methods, defensive techniques, and best practices for secure file upload and download.

File Upload · SQL injection · Secure Coding
0 likes · 15 min read
Sohu Tech Products
Dec 20, 2023 · Information Security

Command Injection Vulnerabilities in Node.js: Analysis and Prevention

The article examines how command-injection flaws in popular Node.js npm packages such as find-exec and fs-git arise from unsafe concatenation of user input into shell commands, and recommends rigorous validation, using execFile or spawn, and regular dependency audits to prevent catastrophic system compromise.

CVE · Secure Coding · child_process
0 likes · 11 min read
Sohu Tech Products
Oct 19, 2022 · Information Security

Secure Software Development: SDL, Tool Configurations, and Safe Coding Practices

This article outlines essential practices for secure software development, covering Microsoft's Security Development Lifecycle, Visual Studio security features, and comprehensive secure coding guidelines—including safe APIs, SafeInt library usage, trust boundaries, type casting, and file operation safeguards—to reduce vulnerabilities such as buffer overflows and memory errors.

C++ · SDL · Secure Coding
0 likes · 10 min read
Architects Research Society
Jul 8, 2020 · Information Security

Top 25 Software Errors (CWE) and Resources for Mitigation

The article presents the CWE Top 25 software errors, detailing each weakness with its ID and description, and provides links to MITRE entries, remediation guidance, and various SANS training resources aimed at helping developers mitigate these common vulnerabilities.

CWE · Mitigation · SANS
0 likes · 17 min read
Architects Research Society
Nov 24, 2015 · Information Security

Understanding Common Web Application Attacks and the OWASP Top 10

The article explains how modern web and cloud‑based applications are increasingly exposed to a range of application‑layer attacks—including injection, XSS, broken authentication, and insecure redirects—while highlighting OWASP’s Top 10 list, the importance of secure development practices, and IBM’s educational webinar series.

OWASP · Secure Coding · Web Security
0 likes · 10 min read