Skip to content

Presentations, training modules, and other education materials from Duo Security's Application Security team.

License

Notifications You must be signed in to change notification settings

misfir3/appsec-education

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 
 
 

Repository files navigation

Duo Security - Application Security Education

This repository contains resources provided by the Duo Security Application security team.

Find out more about Duo Security's efforts to democratize security for all in this blog post: https://duo.com/blog/improving-application-security-education-through-community.

Training Decks

In this directory you'll find PDF and PowerPoint versions of two internal presentations developed and presented by our Application Security team:

  • Introduction to Application Security
  • Advanced Application Security

Each of these presentations include content covering a wide range of application security topics, common vulnerabilities and remediation recommendations.

Hunter2 Labs

As a part of this public release of our content, we've also included the code and content for our custom Hunter2 labs. Hunter2 is a platform specifically designed to help users gain application security knowledge through hands-on labs, identifying issues and fixing vulnerabilities.

Current labs cover:

  • HTTP Header Injection
  • JSON Injection
  • Flaws in JWTs
  • Mass Assignment
  • Type juggling issues (Power of None)
  • Replay Attacks

Each lesson directory contains a content/ subdirectory containing Markdown files for the lesson content and a code/ directory containing the related vulnerable application.

These lessons have been made available on the Hunter2 platform a part of a collaboration between the Hunter2 service and Duo Security. More information about it can be found on the Hunter2 site: https://hunter2.com/community

About

Presentations, training modules, and other education materials from Duo Security's Application Security team.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • JavaScript 41.0%
  • CSS 31.6%
  • HTML 24.6%
  • Python 2.2%
  • Dockerfile 0.3%
  • Ruby 0.2%
  • PowerShell 0.1%