Readings on Security

I was doing a number of security code audits over the last few months, and in that time, a number of interesting and in-depth articles crossed my media feeds. Here’s a quick reading list rundown for the security-minded.

SQL Injection Cheat Sheet – There is a lot of good technical detail here, much more than I previously knew. If you’ve never tried testing for vulnerabilities, this is a must-read.

Big List of Naughty Strings – Dovetailing off that last one, this Git repository is just what it says. Useful for testers and developers alike.

10up Best PHP Security Practices – Contains some WordPress-specific examples. This one is a good introduction for developers if you haven’t been programming with security in mind.

Basics of Web Application Security – A long read, but a good one. The authors explain the principles of how to protect your application from malicious inputs and outputs.

Finally, I can’t post a list of security articles without recommending the Security Now podcast. They cover a wide range of security topics, from breaking down security vulnerabilities to security & crypto issues in the news. This podcast is worth checking out.


