Application Security

• Awesome AppSec
• OWASP
  • SecurityShepherd - Web/mobile app training
  • Cheatsheets
  • WSTG (OWASP)
  • Testing for business logic
  • Docker
    • Docker Security Repo
    • Docker Security Cheatsheet
• Google Hacking DB (Exploit DB)
• Big List of Naughty Strings
  • WARNING: Some of these are VERY destructive if successful!
• Scaling Appsec at Netflex
• Edition 6: Top 4 AppSec metrics and why they are so hard to measure
• cure53 pentest reports