A great reference is David Wheeler's Secure Programming for Linux and Unix HOWTO. Much of it applies to programming in general. Many other things at his web site are very helpful, see: http://www.dwheeler.com/
The underlying technology of most modern exploits is some sort sort of buffer overflow. Here is a great resource on their cause and prevention: http://min.ecn.purdue.edu/~cyprian/BoF_Page.html
From David Wheeler's paper, free software except as noted:
See the web security page for this list.
PyChecker checks for common Python bugs: http://pychecker.sourceforge.net/
Some interesting comments about the leaked Windows source code: http://www.kuro5hin.org/story/2004/2/15/71552/7795
The Metasploit Project is an open-source code library for developing and running exploits: http://www.metasploit.com/index.html
| Home Page | Site Map | Public Key |
|
|
|
|
|
|
| © Bob Cromwell Jul 2008. Created with /bin/vi, hosted on OpenBSD with Apache. Root password available here | ||||