diff options
Diffstat (limited to 'documentation/bookmark')
-rw-r--r-- | documentation/bookmark/api/rest.md | 4 | ||||
-rw-r--r-- | documentation/bookmark/community.md | 6 | ||||
-rw-r--r-- | documentation/bookmark/community/contribution.md | 5 | ||||
-rw-r--r-- | documentation/bookmark/community_contributions.md | 5 | ||||
-rw-r--r-- | documentation/bookmark/concurrency/semaphore.md | 5 | ||||
-rw-r--r-- | documentation/bookmark/data_structure/persistent.md | 4 | ||||
-rw-r--r-- | documentation/bookmark/game/generation/map.md | 4 | ||||
-rw-r--r-- | documentation/bookmark/math/number/dual.md | 17 | ||||
-rw-r--r-- | documentation/bookmark/probabilistic_data_structure.md | 63 | ||||
-rw-r--r-- | documentation/bookmark/security.md | 145 |
10 files changed, 142 insertions, 116 deletions
diff --git a/documentation/bookmark/api/rest.md b/documentation/bookmark/api/rest.md new file mode 100644 index 000000000..50186c599 --- /dev/null +++ b/documentation/bookmark/api/rest.md @@ -0,0 +1,4 @@ +# Reference + +0. [Standards.REST](https://standards.rest/) + diff --git a/documentation/bookmark/community.md b/documentation/bookmark/community.md new file mode 100644 index 000000000..936eef929 --- /dev/null +++ b/documentation/bookmark/community.md @@ -0,0 +1,6 @@ +# Reference + +0. [Don’t feed the trolls, and other hideous lies: The mantra about the best way to respond to online abuse has only made it worse](https://www.theverge.com/2018/7/12/17561768/dont-feed-the-trolls-online-harassment-abuse) +0. [Program Management for Open Source Projects: How to Guide Your Community-Driven, Open Source Project](https://pragprog.com/titles/bcosp/program-management-for-open-source-projects/) +0. [Inclusive IT Language Guide](https://www.oit.uci.edu/wp-content/uploads/Inclusive-Language-Guide.pdf) + diff --git a/documentation/bookmark/community/contribution.md b/documentation/bookmark/community/contribution.md new file mode 100644 index 000000000..01a5587fd --- /dev/null +++ b/documentation/bookmark/community/contribution.md @@ -0,0 +1,5 @@ +# Exemplar + +0. [language-lux: Atom language support for the Lux programming language](https://github.com/fachammer/language-lux) +0. [LuxAndroidPlugin: A gradle plugin for building Android apps with Lux](https://github.com/xran-deex/LuxAndroidPlugin) + diff --git a/documentation/bookmark/community_contributions.md b/documentation/bookmark/community_contributions.md deleted file mode 100644 index a250eb84a..000000000 --- a/documentation/bookmark/community_contributions.md +++ /dev/null @@ -1,5 +0,0 @@ -# Reference - -1. [language-lux: Atom language support for the Lux programming language](https://github.com/fachammer/language-lux) -1. [LuxAndroidPlugin: A gradle plugin for building Android apps with Lux](https://github.com/xran-deex/LuxAndroidPlugin) - diff --git a/documentation/bookmark/concurrency/semaphore.md b/documentation/bookmark/concurrency/semaphore.md new file mode 100644 index 000000000..81b47ba45 --- /dev/null +++ b/documentation/bookmark/concurrency/semaphore.md @@ -0,0 +1,5 @@ +# Reference + +0. [The Little Book of Semaphores](https://greenteapress.com/wp/semaphores/) +0. [The Little Book of Semaphores](https://greenteapress.com/semaphores/LittleBookOfSemaphores.pdf) + diff --git a/documentation/bookmark/data_structure/persistent.md b/documentation/bookmark/data_structure/persistent.md new file mode 100644 index 000000000..abb205b80 --- /dev/null +++ b/documentation/bookmark/data_structure/persistent.md @@ -0,0 +1,4 @@ +# Reference + +0. [A Hash Map for Graph Processing Workloads & a Methodology for Transactional Data Structures - CppCon](https://www.youtube.com/watch?v=aeC8yCwQJ-E) + diff --git a/documentation/bookmark/game/generation/map.md b/documentation/bookmark/game/generation/map.md new file mode 100644 index 000000000..e3da25f7d --- /dev/null +++ b/documentation/bookmark/game/generation/map.md @@ -0,0 +1,4 @@ +# Reference + +0. [Procedural Worlds from Simple Tiles](https://ijdykeman.github.io/ml/2017/10/12/wang-tile-procedural-generation.html) + diff --git a/documentation/bookmark/math/number/dual.md b/documentation/bookmark/math/number/dual.md index 345bddca3..cda9d5d8e 100644 --- a/documentation/bookmark/math/number/dual.md +++ b/documentation/bookmark/math/number/dual.md @@ -1,14 +1,15 @@ # Reference -1. [Sensitivity of y w.r.t. to x in y=f(x) where f is a routine](https://scicomp.stackexchange.com/questions/38899/sensitivity-of-y-w-r-t-to-x-in-y-fx-where-f-is-a-routine/38900#38900) -1. [Differentiable programming](https://en.wikipedia.org/wiki/Differentiable_programming) -1. [Ditching Backpropagation: Automatic Differentiation and Dual Numbers](https://matiasmorant.wordpress.com/2017/12/29/dual-numbers/) -1. [The Dual Numbers](https://www.youtube.com/watch?v=4nU-09e3iP8) -1. [Dual number](https://en.wikipedia.org/wiki/Dual_number) +0. [Dual/Codual numbers for Forward/Reverse Automatic Differentiation](https://higherlogics.blogspot.com/2020/05/dualcodual-numbers-for-forwardreverse.html) +0. [Sensitivity of y w.r.t. to x in y=f(x) where f is a routine](https://scicomp.stackexchange.com/questions/38899/sensitivity-of-y-w-r-t-to-x-in-y-fx-where-f-is-a-routine/38900#38900) +0. [Differentiable programming](https://en.wikipedia.org/wiki/Differentiable_programming) +0. [Ditching Backpropagation: Automatic Differentiation and Dual Numbers](https://matiasmorant.wordpress.com/2017/12/29/dual-numbers/) +0. [The Dual Numbers](https://www.youtube.com/watch?v=4nU-09e3iP8) +0. [Dual number](https://en.wikipedia.org/wiki/Dual_number) # Dual Quaternions -1. [Dual Quaternions for Mere Mortals](https://www.jeremyong.com/math/2019/08/05/dual-quaternions-for-mere-mortals/) -1. [APPLICATION OF DUAL QUATERNIONS ON SELECTED PROBLEMS](https://otik.uk.zcu.cz/bitstream/11025/28563/1/phd_Application%20of%20dual%20quaternions%20on%20selected%20problems.pdf) -1. [GAME2020 0. Steven De Keninck. Dual Quaternions Demystified](https://www.youtube.com/watch?v=ichOiuBoBoQ) +0. [Dual Quaternions for Mere Mortals](https://www.jeremyong.com/math/2019/08/05/dual-quaternions-for-mere-mortals/) +0. [APPLICATION OF DUAL QUATERNIONS ON SELECTED PROBLEMS](https://otik.uk.zcu.cz/bitstream/11025/28563/1/phd_Application%20of%20dual%20quaternions%20on%20selected%20problems.pdf) +0. [GAME2020 0. Steven De Keninck. Dual Quaternions Demystified](https://www.youtube.com/watch?v=ichOiuBoBoQ) diff --git a/documentation/bookmark/probabilistic_data_structure.md b/documentation/bookmark/probabilistic_data_structure.md index 3d6c3bf84..32f31bf24 100644 --- a/documentation/bookmark/probabilistic_data_structure.md +++ b/documentation/bookmark/probabilistic_data_structure.md @@ -1,40 +1,41 @@ # Hash function -1. http://fastcompression.blogspot.com/2019/03/presenting-xxh3.html -1. http://cyan4973.github.io/xxHash/ +0. http://fastcompression.blogspot.com/2019/03/presenting-xxh3.html +0. http://cyan4973.github.io/xxHash/ # Reference -1. [Ribbon filter: practically smaller than Bloom and Xor](https://arxiv.org/abs/2103.02515) -1. [Xor Filters: Faster and Smaller Than Bloom Filters](https://lemire.me/blog/2019/12/19/xor-filters-faster-and-smaller-than-bloom-filters/) -1. [Morton Filters: Faster, Space-Efficient Cuckoo Filters via Biasing, Compression, and Decoupled Logical Sparsity](http://www.vldb.org/pvldb/vol11/p1041-breslow.pdf) -1. https://github.com/efficient/SuRF -1. https://welcometotheoryland.wordpress.com/2017/10/19/what-is-a-hash-function-it-depends-on-whos-speaking/ -1. http://docs.pipelinedb.com/probabilistic.html -1. [Probabilistic Data Structures](https://www.youtube.com/watch?v=F7EhDBfsTA8) -1. http://www.i-programmer.info/programming/theory/4641-the-invertible-bloom-filter.html -1. https://github.com/seiflotfy/hyperbitbit -1. https://blog.yld.io/2017/04/19/hyperloglog-a-probabilistic-data-structure/#.WPtT_R_6zCI -1. https://github.com/pawandubey/cuckoo_filter -1. https://cloud.google.com/blog/big-data/2017/07/counting-uniques-faster-in-bigquery-with-hyperloglog -1. https://blog.dataweave.com/using-probabilistic-data-structures-to-build-real-time-monitoring-dashboards-25b17c968c08 -1. https://bdupras.github.io/filter-tutorial/ -1. https://www.somethingsimilar.com/2012/05/21/the-opposite-of-a-bloom-filter/ -1. https://github.com/splatlab/cqf -1. [LogLog-Beta and More: A New Algorithm for Cardinality Estimation Based on LogLog Counting](https://arxiv.org/ftp/arxiv/papers/1612/1612.02284.pdf) -1. https://blog.acolyer.org/2017/08/08/a-general-purpose-counting-filter-making-every-bit-count/ -1. [Ode on a Random Urn (Functional Pearl)](https://www.youtube.com/watch?v=O37FMxLxm78) -1. http://smalldatum.blogspot.com/2018/09/bloom-filter-and-cuckoo-filter.html -1. https://hackernoon.com/cuckoo-filter-vs-bloom-filter-from-a-gophers-perspective-94d5e6c53299 -1. https://github.com/axiomhq/hyperminhash +0. [Binary Fuse Filters: Fast and Smaller Than Xor Filters](https://arxiv.org/abs/2201.01174) +0. [Ribbon filter: practically smaller than Bloom and Xor](https://arxiv.org/abs/2103.02515) +0. [Xor Filters: Faster and Smaller Than Bloom Filters](https://lemire.me/blog/2019/12/19/xor-filters-faster-and-smaller-than-bloom-filters/) +0. [Morton Filters: Faster, Space-Efficient Cuckoo Filters via Biasing, Compression, and Decoupled Logical Sparsity](http://www.vldb.org/pvldb/vol11/p1041-breslow.pdf) +0. https://github.com/efficient/SuRF +0. https://welcometotheoryland.wordpress.com/2017/10/19/what-is-a-hash-function-it-depends-on-whos-speaking/ +0. http://docs.pipelinedb.com/probabilistic.html +0. [Probabilistic Data Structures](https://www.youtube.com/watch?v=F7EhDBfsTA8) +0. http://www.i-programmer.info/programming/theory/4641-the-invertible-bloom-filter.html +0. https://github.com/seiflotfy/hyperbitbit +0. https://blog.yld.io/2017/04/19/hyperloglog-a-probabilistic-data-structure/#.WPtT_R_6zCI +0. https://github.com/pawandubey/cuckoo_filter +0. https://cloud.google.com/blog/big-data/2017/07/counting-uniques-faster-in-bigquery-with-hyperloglog +0. https://blog.dataweave.com/using-probabilistic-data-structures-to-build-real-time-monitoring-dashboards-25b17c968c08 +0. https://bdupras.github.io/filter-tutorial/ +0. https://www.somethingsimilar.com/2012/05/21/the-opposite-of-a-bloom-filter/ +0. https://github.com/splatlab/cqf +0. [LogLog-Beta and More: A New Algorithm for Cardinality Estimation Based on LogLog Counting](https://arxiv.org/ftp/arxiv/papers/1612/1612.02284.pdf) +0. https://blog.acolyer.org/2017/08/08/a-general-purpose-counting-filter-making-every-bit-count/ +0. [Ode on a Random Urn (Functional Pearl)](https://www.youtube.com/watch?v=O37FMxLxm78) +0. http://smalldatum.blogspot.com/2018/09/bloom-filter-and-cuckoo-filter.html +0. https://hackernoon.com/cuckoo-filter-vs-bloom-filter-from-a-gophers-perspective-94d5e6c53299 +0. https://github.com/axiomhq/hyperminhash ## Bloom filter -1. [Word-aligned Bloom filters](https://lemire.me/blog/2021/10/03/word-aligned-bloom-filters/) -1. [Bloom Filters by Example](https://llimllib.github.io/bloomfilter-tutorial/) -1. [Bloom Filters - Much, much more than a space efficient hashmap!](https://boyter.org/posts/bloom-filter/) -1. [Teaching Bloom Filters new tricks](https://toao.com/blog/teaching-bloom-filters-new-tricks) -1. http://www.partow.net/programming/bloomfilter/idx.html -1. https://sagi.io/2017/07/bloom-filters-for-the-perplexed/ -1. https://medium.com/orbs-network/constructing-bloom-filters-without-false-positives-7aaf50b92f3b +0. [Word-aligned Bloom filters](https://lemire.me/blog/2021/10/03/word-aligned-bloom-filters/) +0. [Bloom Filters by Example](https://llimllib.github.io/bloomfilter-tutorial/) +0. [Bloom Filters - Much, much more than a space efficient hashmap!](https://boyter.org/posts/bloom-filter/) +0. [Teaching Bloom Filters new tricks](https://toao.com/blog/teaching-bloom-filters-new-tricks) +0. http://www.partow.net/programming/bloomfilter/idx.html +0. https://sagi.io/2017/07/bloom-filters-for-the-perplexed/ +0. https://medium.com/orbs-network/constructing-bloom-filters-without-false-positives-7aaf50b92f3b diff --git a/documentation/bookmark/security.md b/documentation/bookmark/security.md index 7cfd9bc2a..619a182d7 100644 --- a/documentation/bookmark/security.md +++ b/documentation/bookmark/security.md @@ -1,131 +1,132 @@ # Anti-Debugging -1. [JavaScript AntiDebugging Tricks](https://x-c3ll.github.io/posts/javascript-antidebugging/) +0. [JavaScript AntiDebugging Tricks](https://x-c3ll.github.io/posts/javascript-antidebugging/) # Supply chain -1. [chainguard](https://chainguard.dev/) +0. [chainguard](https://chainguard.dev/) # Restraint | Sand-boxing -1. [JavaScript Restrictor](https://polcak.github.io/jsrestrictor/) +0. [JavaScript Restrictor](https://polcak.github.io/jsrestrictor/) # Memory -1. [Provably Safe Pointers for a Parallel World](https://www.youtube.com/watch?v=ugf58HNd7Rg) +0. [Provably Safe Pointers for a Parallel World](https://www.youtube.com/watch?v=ugf58HNd7Rg) # User/human-level -1. [Securing your development environment](https://stsewd.dev/posts/securing-your-dev-environment/) -1. [Security Checklist: Tools and resources designed to improve your online privacy, safety, and security.](https://brianlovin.com/security) +0. [Securing your development environment](https://stsewd.dev/posts/securing-your-dev-environment/) +0. [Security Checklist: Tools and resources designed to improve your online privacy, safety, and security.](https://brianlovin.com/security) # Secrets | Confidentiality -1. [ConfLLVM: A Compiler for Enforcing Data Confidentiality in Low-level Code](https://www.microsoft.com/en-us/research/publication/an-instrumenting-compiler-for-enforcing-confidentiality-in-low-level-code/) -1. [How to Handle Secrets on the Command Line](https://smallstep.com/blog/command-line-secrets/) +0. [ConfLLVM: A Compiler for Enforcing Data Confidentiality in Low-level Code](https://www.microsoft.com/en-us/research/publication/an-instrumenting-compiler-for-enforcing-confidentiality-in-low-level-code/) +0. [How to Handle Secrets on the Command Line](https://smallstep.com/blog/command-line-secrets/) # Capability -1. [A Comparison of the Capability Systems of Encore, Pony and Rust](https://uu.diva-portal.org/smash/get/diva2:1363822/FULLTEXT01.pdf) +0. [A Comparison of the Capability Systems of Encore, Pony and Rust](https://uu.diva-portal.org/smash/get/diva2:1363822/FULLTEXT01.pdf) # Homomorphic encryption -1. https://github.com/Microsoft/SEAL +0. https://github.com/Microsoft/SEAL # Privacy -1. [Programming Differential Privacy](https://uvm-plaid.github.io/programming-dp/intro.html) -1. https://privacypatterns.org/ +0. [Programming Differential Privacy](https://uvm-plaid.github.io/programming-dp/intro.html) +0. https://privacypatterns.org/ # Inspiration -1. [Kasm: Desktop and Browser Isolation Platform](https://www.kasmweb.com/) -1. https://www.mailvelope.com +0. [Kasm: Desktop and Browser Isolation Platform](https://www.kasmweb.com/) +0. https://www.mailvelope.com # Finger-printing -1. [How Browser Fingerprinting Works](https://kevq.uk/how-browser-fingerprinting-works/) -1. https://github.com/Valve/fingerprintjs2 +0. [How Browser Fingerprinting Works](https://kevq.uk/how-browser-fingerprinting-works/) +0. https://github.com/Valve/fingerprintjs2 # Access Control List -1. [Capirca: Multi-platform ACL generation system](https://github.com/google/capirca) +0. [Capirca: Multi-platform ACL generation system](https://github.com/google/capirca) # Return-oriented programming -1. https://github.com/immunant/selfrando +0. https://github.com/immunant/selfrando # Static analysis -1. [Cam Tenny - Beyond the Paper - End-to-End Program Analysis](https://www.youtube.com/watch?v=hmDz0Rv6hKI) -1. https://www.curry-on.org/2019/sessions/beyond-the-paper-end-to-end-program-analysis.html +0. [Cam Tenny - Beyond the Paper - End-to-End Program Analysis](https://www.youtube.com/watch?v=hmDz0Rv6hKI) +0. https://www.curry-on.org/2019/sessions/beyond-the-paper-end-to-end-program-analysis.html # Programming language -1. [Secure Compilation](https://blog.sigplan.org/2019/07/01/secure-compilation/) +0. [Secure Compilation](https://blog.sigplan.org/2019/07/01/secure-compilation/) # Cautionary tale -1. [Thou Shalt Not Depend on Me: A look at JavaScript libraries in the wild](https://queue.acm.org/detail.cfm?id=3205288) -1. https://medium.com/@nodepractices/were-under-attack-23-node-js-security-best-practices-e33c146cb87d +0. [Thou Shalt Not Depend on Me: A look at JavaScript libraries in the wild](https://queue.acm.org/detail.cfm?id=3205288) +0. https://medium.com/@nodepractices/were-under-attack-23-node-js-security-best-practices-e33c146cb87d # Surface area -1. [Towards Automated Application-Specific Software Stacks](https://arxiv.org/pdf/1907.01933.pdf) +0. [Towards Automated Application-Specific Software Stacks](https://arxiv.org/pdf/1907.01933.pdf) # Vulnerability -1. [SAML is insecure by design](https://joonas.fi/2021/08/saml-is-insecure-by-design/) -1. [Against Cipher Agility in Cryptography Protocols](https://paragonie.com/blog/2019/10/against-agility-in-cryptography-protocols) -1. [Padding the struct: How a compiler optimization can disclose stack memory](https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2019/october/padding-the-struct-how-a-compiler-optimization-can-disclose-stack-memory/) -1. [PCG generators are easily “crackable”](https://news.ycombinator.com/item?id=21475210) -1. [Safely Creating And Using Temporary Files](https://www.netmeister.org/blog/mktemp.html) -1. [CSS Injection Primitives](https://x-c3ll.github.io/posts/CSS-Injection-Primitives/) -1. https://medium.com/@shnatsel/how-rusts-standard-library-was-vulnerable-for-years-and-nobody-noticed-aebf0503c3d6 -1. [ACLs don’t](http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.406.4684&rep=rep1&type=pdf) -1. https://www.cs.auckland.ac.nz/~pgut001/pubs/book.pdf -1. https://pwnedkeys.com/ -1. [What Spectre Means for Lanugage Implementers - Ben Titzer - PLISS 2019](https://www.youtube.com/watch?v=FGX-KD5Nh2g) -1. https://rambleed.com/ -1. https://browserleaks.com/ +0. [SAML is insecure by design](https://joonas.fi/2021/08/saml-is-insecure-by-design/) +0. [Against Cipher Agility in Cryptography Protocols](https://paragonie.com/blog/2019/10/against-agility-in-cryptography-protocols) +0. [Padding the struct: How a compiler optimization can disclose stack memory](https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2019/october/padding-the-struct-how-a-compiler-optimization-can-disclose-stack-memory/) +0. [PCG generators are easily “crackable”](https://news.ycombinator.com/item?id=21475210) +0. [Safely Creating And Using Temporary Files](https://www.netmeister.org/blog/mktemp.html) +0. [CSS Injection Primitives](https://x-c3ll.github.io/posts/CSS-Injection-Primitives/) +0. https://medium.com/@shnatsel/how-rusts-standard-library-was-vulnerable-for-years-and-nobody-noticed-aebf0503c3d6 +0. [ACLs don’t](http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.406.4684&rep=rep1&type=pdf) +0. https://www.cs.auckland.ac.nz/~pgut001/pubs/book.pdf +0. https://pwnedkeys.com/ +0. [What Spectre Means for Lanugage Implementers - Ben Titzer - PLISS 2019](https://www.youtube.com/watch?v=FGX-KD5Nh2g) +0. https://rambleed.com/ +0. https://browserleaks.com/ # Reference -1. [Secure By Design](https://www.amazon.com/Secure-Design-Daniel-Deogun/dp/1617294357) -1. [Intro to Just-In-Time Access](https://compliance.dev/2021/04/29/introduction-to-just-in-time-access/) -1. https://www.nomoreransom.org/en/index.html -1. [Open Source Security Foundation (OpenSSF)](https://openssf.org/) -1. [Don't get pwned: practicing the principle of least privilege](https://cloud.google.com/blog/products/identity-security/dont-get-pwned-practicing-the-principle-of-least-privilege) -1. [Good Practices for Capability URLs](https://www.w3.org/TR/capability-urls/) -1. [Secure Socket API](https://securesocketapi.org/) -1. [Mind your Language(s): A discussion about languages and security](https://www.ssi.gouv.fr/uploads/IMG/pdf/Mind_Your_Languages_-_version_longue.pdf) -1. https://www.microsoft.com/en-us/research/blog/scaling-the-everest-of-software-security-with-dr-jonathan-protzenko/ -1. https://www.owasp.org/index.php/Main_Page -1. https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project -1. https://wiki.sei.cmu.edu/confluence/display/seccode/Top+10+Secure+Coding+Practices -1. https://www.archive.ece.cmu.edu/~grey/ -1. http://www.cs.umd.edu/projects/PL/selinks/ -1. http://www.cis.upenn.edu/~stevez/sol/related.html -1. https://www.bsimm.com/ -1. https://www.microsoft.com/en-us/securityengineering/sdl/ -1. https://www.engineeringtrustworthysystems.com/ -1. http://www.ats-lang.org/ -1. http://www.cis.upenn.edu/~stevez/papers/publications.html -1. http://collingreene.com/6_buckets_of_prodsec.html -1. [On Post-Compromise Security](https://eprint.iacr.org/2016/221.pdf) -1. https://messaginglayersecurity.rocks/ -1. https://github.blog/2019-05-23-introducing-new-ways-to-keep-your-code-secure/ -1. [RustBelt](https://plv.mpi-sws.org/rustbelt/popl18/) -1. https://github.com/dckc/awesome-ocap -1. https://projects.csail.mit.edu/jeeves/ -1. https://www.sans.org/top25-software-errors/ -1. https://www.owasp.org/index.php/Top_10_2013-Top_10 -1. https://nvd.nist.gov/cwe.cfm -1. https://en.wikipedia.org/wiki/Software_Development_Security -1. http://gigi.nullneuron.net/gigilabs/the-sorry-state-of-the-web-in-2016/ -1. http://www.ranum.com/security/computer_security/editorials/dumb/index.html -1. [Information Technology — Programming languages — Guidance to avoiding vulnerabilities in programming languages](http://www.open-std.org/jtc1/sc22/wg23/docs/ISO-IECJTC1-SC22-WG23_N0751-tr24772-1-after-pre-meeting-51-webex-20171016.pdf) +0. [CS 253 Web Security](https://web.stanford.edu/class/cs253/) +0. [Secure By Design](https://www.amazon.com/Secure-Design-Daniel-Deogun/dp/1617294357) +0. [Intro to Just-In-Time Access](https://compliance.dev/2021/04/29/introduction-to-just-in-time-access/) +0. https://www.nomoreransom.org/en/index.html +0. [Open Source Security Foundation (OpenSSF)](https://openssf.org/) +0. [Don't get pwned: practicing the principle of least privilege](https://cloud.google.com/blog/products/identity-security/dont-get-pwned-practicing-the-principle-of-least-privilege) +0. [Good Practices for Capability URLs](https://www.w3.org/TR/capability-urls/) +0. [Secure Socket API](https://securesocketapi.org/) +0. [Mind your Language(s): A discussion about languages and security](https://www.ssi.gouv.fr/uploads/IMG/pdf/Mind_Your_Languages_-_version_longue.pdf) +0. https://www.microsoft.com/en-us/research/blog/scaling-the-everest-of-software-security-with-dr-jonathan-protzenko/ +0. https://www.owasp.org/index.php/Main_Page +0. https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project +0. https://wiki.sei.cmu.edu/confluence/display/seccode/Top+10+Secure+Coding+Practices +0. https://www.archive.ece.cmu.edu/~grey/ +0. http://www.cs.umd.edu/projects/PL/selinks/ +0. http://www.cis.upenn.edu/~stevez/sol/related.html +0. https://www.bsimm.com/ +0. https://www.microsoft.com/en-us/securityengineering/sdl/ +0. https://www.engineeringtrustworthysystems.com/ +0. http://www.ats-lang.org/ +0. http://www.cis.upenn.edu/~stevez/papers/publications.html +0. http://collingreene.com/6_buckets_of_prodsec.html +0. [On Post-Compromise Security](https://eprint.iacr.org/2016/221.pdf) +0. https://messaginglayersecurity.rocks/ +0. https://github.blog/2019-05-23-introducing-new-ways-to-keep-your-code-secure/ +0. [RustBelt](https://plv.mpi-sws.org/rustbelt/popl18/) +0. https://github.com/dckc/awesome-ocap +0. https://projects.csail.mit.edu/jeeves/ +0. https://www.sans.org/top25-software-errors/ +0. https://www.owasp.org/index.php/Top_10_2013-Top_10 +0. https://nvd.nist.gov/cwe.cfm +0. https://en.wikipedia.org/wiki/Software_Development_Security +0. http://gigi.nullneuron.net/gigilabs/the-sorry-state-of-the-web-in-2016/ +0. http://www.ranum.com/security/computer_security/editorials/dumb/index.html +0. [Information Technology — Programming languages — Guidance to avoiding vulnerabilities in programming languages](http://www.open-std.org/jtc1/sc22/wg23/docs/ISO-IECJTC1-SC22-WG23_N0751-tr24772-1-after-pre-meeting-51-webex-20171016.pdf) # Control-flow integrity -1. [On the Effectiveness of Type-based Control Flow Integrity](https://sajjadium.github.io/files/acsac2018typecfi_paper.pdf) +0. [On the Effectiveness of Type-based Control Flow Integrity](https://sajjadium.github.io/files/acsac2018typecfi_paper.pdf) |