Just a quick note to share a useful resource with you. Just came across a good article “25 common programming errors” for software programmers and software testers. Basically this is more useful for programmers but I think software testers can get insight on how developers can unknowingly leave bugs in software programs.
Each bug listed in this resource can lead to serious software vulnerabilities if not fixed. The top 25 security bugs list will help programmers to avoid some common but serious coding mistakes. For software testers list will be useful as a security testing checklist for Internet as well as for testing desktop application.
Here are few top security vulnerabilities discussed in detail in this article:
Improper input validation
Improper escaping of output or encoding
Information leak in error messages
Error while transmitting sensitive information
External control of critical data and file paths
Client side security checks
I think, the most common security vulnerability mistake developers make is “Client side enforcement of server side security”.
Check out below article so that you can at least help developers for improving their code standards25 common programming errors
来自 “ ITPUB博客 ” ，链接：http://blog.itpub.net/11379785/viewspace-608599/，如需转载，请注明出处，否则将追究法律责任。