[ Hacker Night School ] :: Excellent, well-written hacking lessons: HackingTutorials.org

It might seem funny for School for Hackers to like or endorse another hacking tutorial site, but the truth is that sites like Hacking Tutorials are terrific resources for all of us. This really excellent site features detailed, well-written step-by-step tutorials on up-to-the-minute vulnerabilities and exploits: The Top 10 Wifi Hacking Tools in Kali Linux …

Is hacking eventually going to be your job (you hope)? Know the job search aggregators.

Social Networking

Everyone here knows I invite contributor articles on several topics, including finding jobs and work. What Vanessa Fardi has to say below is useful on several levels. One, the service she reps is Nuevoo, a job search aggregator that’s pretty big around the world, particularly for non-English speakers, and it’s certainly worth looking at. On …

[ Security for Web Developers ] :: 16: Best Practices

Blue Security Goddess

You should: Change the default user name directly in the database. Put files that contain login credentials outside your webroot. Don’t allow writable directories. (With details….) Don’t allow users to upload anything. Sorry. Avoid toxic data. Patch like mad. Use a security notification plugin like Sucuri (and actually pay attention). Change your username if the …

[ Security for Web Developers ] :: 15: Testing Guides and Aids

OWASP

By the Book There are lots of methodologies, more or less formal, for testing your web app’s security. OWASP is, of course, a biggie. https://www.owasp.org/images/5/52/OWASP_Testing_Guide_v4.pdf And don’t forget tools for particular platforms, for instance WordPress. http://wpscan.org/ (this is great) Next: http://schoolforhackers.com/security-web-developers-best-practices/