Add Resources pt 2

[AOrps]

Unsorted

• https://owasp.org/www-project-webgoat/
• https://github.com/openrewrite/rewrite
• https://edu.chainguard.dev/software-security/secure-software-development/
• https://shellspec.info/
• https://codeql.github.com/
• https://github.com/dodie/testing-in-bash
• https://bach.sh/
• https://github.com/ossf/alpha-omega/tree/main

Places:

• https://www.simspace.com/
• https://securitylab.github.com/bounties/
• https://github.blog/2022-08-15-the-next-step-for-lgtm-com-github-code-scanning/
• https://swagger.io/
• https://www.openapis.org/
• https://codeql.github.com/docs/writing-codeql-queries/ql-tutorials/
• https://ia903404.us.archive.org/0/items/pdfy-MgN0H1joIoDVoIC7/The_AWK_Programming_Language.pdf
• https://pubs.opengroup.org/security/openfair-process-guide/

[AOrps]

• https://www.microsoft.com/en-gb/industry/blog/cross-industry/2021/09/06/future-proof-secure-against-cyberattacks/
• https://todogroup.org/blog/ospo-definition/
• https://github.com/ossf/education/issues/72
• https://www.orca-ai.io/careers/
• https://www.securityknowledgeframework.org/
• https://google.github.io/osv.dev/faq/
• https://github.com/ossf/osv-schema
• https://www.shellhacks.com/bash-colors/

[AOrps]

• https://slsa.dev/spec/v1.0/threats-overview
• https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++
• https://github.com/microsoft/sarif-tutorials/blob/main/docs/2-Basics.md
• https://testanything.org/
• https://lfaidata.foundation/projects/ml-security-committee/
• https://www.ecma-international.org/task-groups/tc39-tg3/

[AOrps]

• https://sethmlarson.dev/security-developer-in-residence-weekly-report-1
• https://www.cyberjiujiteira.com/post/getting-started-in-cyber-security-series
• https://drive.google.com/file/d/1ocTZqby8-pufS_bRqjXGDO7TQo30hiix/view?ts=64777384
• https://www.exploit-db.com/google-hacking-database
• https://rurban.github.io/safeclib/doc/safec-3.7.0/index.html
• https://certifications.tcm-sec.com/
• https://offsec.tools/

[AOrps]

• https://www.incidentresponse.org/
• https://baileysoriginalirishtech.blogspot.com/2017/12/getting-into-re.html
• https://github.com/cybeats
• https://spdx.dev/
• https://pwn.college/

[AOrps]

• https://www.techradar.com/vpn/perfect-forward-secrecy-explained-everything-you-need-to-know
• https://blog.boot.dev/cryptography/elliptic-curve-cryptography/
• https://github.com/cr-marcstevens/hashclash
• https://www.win.tue.nl/hashclash/On%20Collisions%20for%20MD5%20-%20M.M.J.%20Stevens.pdf
• https://crypto.stackexchange.com/questions/76941/how-a-chosen-prefix-collision-is-more-useful-than-a-standard-collision-concernin
• https://www.mscs.dal.ca/~selinger/md5collision/
• https://crypto.stackexchange.com/questions/44151/how-does-the-flame-malware-take-advantage-of-md5-collision
• https://siv2r.substack.com/p/unmasking-the-birthday-attack-a-mathematical
• https://docs.gns3.com/
• https://www.win.tue.nl/hashclash/rogue-ca/
• https://www.sigstore.dev/
• https://github.com/mxrch/evilize/tree/master
• https://www.win.tue.nl/hashclash/
• https://marc-stevens.nl/p/hashclash/
• https://www.linkedin.com/posts/itprofessionalkevinapolinario_phase-0-starting-from-zero-learn-to-cloud-activity-7099185646975467520-3lMq?utm_source=share&utm_medium=member_desktop

[AOrps]

• https://slsa.dev/get-started
• https://en.wikipedia.org/wiki/Reachability_analysis
• https://www.nist.gov/publications/open-security-controls-assessment-language-oscal-schema-and-metaschema
• https://www.w3.org/2023/03/secure-the-web-forward/