Cool Sites

尽快学习完成这个网页

https://www.sitepoint.com/php-security-cross-site-scripting-attacks-xss/

https://msdn.microsoft.com/en-us/library/ff650760.aspx

 

https://msdn.microsoft.com/en-us/library/ff649310.aspx

 https://vulncat.fortify.com/en/vulncat/IPV.html

http://www.sqlinjection.net/

 

http://blog.csdn.net/wd330260402/article/details/5977989

 

http://www.w3school.com.cn/asp/met_htmlencode.asp

 

https://wiki.mobilehealth.va.gov/display/OISSWA/How+to+resolve+scanning+issues+reported+by+Fortify

 https://msdn.microsoft.com/en-us/library/ff649310.aspx

 

https://msdn.microsoft.com/en-us/library/system.security.cryptography.passwordderivebytes(v=vs.110).aspx

Security Note：

Never hard-code a password within your source code.  Hard coded passwords can be retrieved from an assembly using the Ildasm.exe (IL Disassembler) tool, a hex editor, or by simply opening up the assembly in a text editor like notepad.exe.

 https://www.owasp.org/index.php/SQL_Injection_Prevention_Cheat_Sheet

 

http://www.activexperts.com/support/network-monitor/online/ii6metabase/

 

https://wiki.mobilehealth.va.gov/pages/viewpage.action?pageId=26772105

 

 http://www.ironshay.com/

http://codevalue.net/

 

http://blog.stevensanderson.com/2008/09/01/prevent-cross-site-request-forgery-csrf-using-aspnet-mvcs-antiforgerytoken-helper/