Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Closed 8 years ago.
Improve this question
Where is a good place to start with cyber security, not necessarily directly related to programming?
I'm looking to cover a wide range of issues:
Fire walls
Networking setup
XSS
SQL Injection
An then other things I don't know I don't know.
My current experience is some programming, some networking. I know to clean my user input before sending to a database, etc.
Where should I start? I'd like some print books to read, but other resources are also welcome.
As you're new to the topic and don't yet have specialised in a specific area of computer security, I highly recommend http://www.securitytube.net/. It offers a huge amount of free video based tutorials and other video material you can learn from. Especially you should go for the "Megaprimers" :)
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 8 years ago.
Questions asking us to recommend or find a book, tool, software library, tutorial or other off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Improve this question
Is there a Cassandra package for Dart?
I looked in the official Dart package web site and googled a lot but cannot find any mention.
Looking at the equivalent Cassandra Go package it seems not too difficult to code it but I'm avoiding reinventing the wheel.
To my knowledge there isn't. There are actually not many server-side focused libraries abound, especially databases. There is an SQL library for various SQL databases, and I think Mongo. But not much else. You will probably have to port over the library or design a new one from scratch.
At least to my knowledge, there isn't a Cassandra library. If you don't get around to it, I might give it a shot if I ever find time.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Closed 8 years ago.
Improve this question
Are there any pen-testing agencies that tests nodejs applications? And are there any good tools with wich you can do it yourself?
Regardless of what platform you choose a lot of the same vulnerabilities are found. I recommend the open source project skipfish or a service like Sitewatch. Skipfish doesn't have a JavaScript interpreter, so if you use client side js heavily then you should go with the open source Grendel-Scan.
Zaproxy, is a great tool for web application pentest http://sourceforge.net/projects/zaproxy/files/
A bit late in the day, however www.ZeroDayLab.com specialise in app security scans like this.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Closed 9 years ago.
Improve this question
Mochiweb and webmachine are very promising applications when you see how those who have found they're way around them are using it. I need to be directed to where I can find beginners' tutorials on mochiweb. It appears there is no website dedicated to the framework. I think what I need is a pdf, or a blog site or a tutorial on mochiweb, providing several examples on how to use it. I'm an erlang programmer already, using Nitrogen, Yaws, Mnesia and OTP e.t.c. Please show me the way...
On MochiWeb, I wrote http://alexmarandon.com/articles/mochiweb_tutorial/
Nice series:
http://buffered.io/series/web-development-with-erlang/
Wriaki, a sample app by Basho for Riak, is based on webmachine.
https://github.com/basho/wriaki
There is a video too
http://www.vimeo.com/14275191
A nice tutorial on mochiweb, json (video).
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Closed 8 years ago.
Improve this question
Hi Ive been planning on doing a social network project and im wondering if there are readings on UX Design that I can read to base my site design on. Thanks.
Check out this question. My personal favorite is Steve Krug's Don't Make Me Think.
You might be interested in reading specifically about how other social networking sites are reviewed.
Like when Facebook Redesigned:
http://www.techcrunch.com/2006/09/05/new-facebook-redesign-more-than-just-aesthetics/
Or a Twitter lead designer profile:
http://www.fastcompany.com/blog/cliff-kuang/design-innovation/design-mind-behind-twitter-hes-21
How Ning works:
http://www.technologyreview.com/communications/18321/
Definitely use as many social networking sites as possible to get inspired.
I have found Seductive Interaction Design helpful. There is a section about profile completeness and how to incorporate positive goals that compels your user to take the steps necessary towards completeness.
http://www.amazon.com/Seductive-Interaction-Design-Effective-Experiences/dp/0321725522
Other helpful sections on how to build in fun distractions and more importantly coming on too strong (and how not to!).
Hope this helps!
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Questions asking us to recommend or find a tool, library or favorite off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it.
Closed 9 years ago.
Improve this question
Where should one go to be kept updated on all of the security flaws/problems floating around? Specially in the era of open source where we tend to use libraries from everywhere.
Here's a quick list:
CVE
Security Focus
Secunia
CERT
FrSIRT
SecWatch
OWASP
Defense Information Systems Agency - Information Assurance Support Environment
Defense Information Systems Agency - Security Technical Implementation Guides
Defense Information Systems Agency - Security Readiness Review Evaluation Scripts
I find these links useful as a defense contractor, but they might have use for civilian applications as well. Look at the SRR scripts as a way to detect possible vulnerabilities on a system you are trying to secure.