Didactic Defense

A guided tour on your journey to developing Secure Web Applications.

Don't be Evil

The intent of this work is to demonstrate how to defend your web application against security breaches. This knowledge is a double-edged sword - the same knowledge needed to defend your application could also be used to attack another system.

You should never use this knowledge to attack systems other than your own, unless you have entered into a signed, legal "ethical hacking" agreement with the targeted party. Doing otherwise may expose you to legal risks, including fines and jail time.

You agree that you are solely responsible for your actions and use of the information contained in this work. Under no circumstances will the author be held legally liable for your use of this information.

License of Content

The content of this work is licensed under a Creative Commons Attribution 3.0 Unported License. This work may also link to external resources - those resources remain licensed under their own terms, which may be different.

Code Samples

This work also references code samples contained in the same git repository as this content. Creative Commons discourages applying their licenses to source code. Therefore, the source code contained in this work is released under the Unlicense.

Be aware that many of the code samples in this repository are intentionally insecure in order to demonstrate a particular vulnerability. Therefore, you should be very careful about reusing code from these examples, to ensure that you are only using "patched" code for production systems.

Getting Started

The concepts in this work apply broadly to all sorts of web technologies; however, the focus of most examples is ASP.NET MVC and Microsoft SQL Server. Therefore, if you want to follow along with the code examples, you should have a copy of SQL Server Express and Visual Studio 2010 or later. Ready? Let's begin.