Top 25 common programming bugs every tester should know
This is the article which I came accros. It's really good and hence I am including this article over here.
Just a quick note to share a useful resource with you. Just came across a good article "25 common programming errors" for software programmers and software testers. Basically this is more useful for programmers but I think software testers can get insight on how developers can unknowingly leave bugs in software programs.
Each bug listed in this resource can lead to serious software vulnerabilities if not fixed. The top 25 security bugs list will help programmers to avoid some common but serious coding mistakes. For software testers list will be useful as a security testing checklist for Internet as well as for testing desktop application.
Here are few top security vulnerabilities discussed in detail in this article:
Improper input validation
Improper escaping of output or encoding
SQL injection
Cross-site scripting
Race conditions
Information leak in error messages
Error while transmitting sensitive information
Memory leak
External control of critical data and file paths
Improper initialization
Improper authorization
Client side security checks
I think, the most common security vulnerability mistake developers make is "Client side enforcement of server side security".
Check out below article so that you can at least help developers for improving their code standards
Top 25 common programming Errors
0 comments:
Post a Comment