Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/OWASP/Go-SCP
Golang Secure Coding Practices guide
https://github.com/OWASP/Go-SCP
appsec golang
Last synced: about 1 month ago
JSON representation
Golang Secure Coding Practices guide
- Host: GitHub
- URL: https://github.com/OWASP/Go-SCP
- Owner: OWASP
- License: cc-by-sa-4.0
- Created: 2017-04-03T12:16:29.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2024-05-31T08:03:49.000Z (6 months ago)
- Last Synced: 2024-10-29T15:05:12.148Z (about 1 month ago)
- Topics: appsec, golang
- Language: Go
- Homepage: https://owasp.org/www-project-go-secure-coding-practices-guide/
- Size: 15.7 MB
- Stars: 4,842
- Watchers: 129
- Forks: 370
- Open Issues: 16
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
Awesome Lists containing this project
- DevSecOps - Go-SCP / Go programming language secure coding practices guide
- awesome-list - Go-SCP
- awesome-golang-security - OWASP Go - Secure Coding Practices - Go programming language secure coding practices guide. (Articles, Guides & Talks)
- awesome-hacking-lists - OWASP/Go-SCP - Golang Secure Coding Practices guide (Go)
- awesome - Go-SCP - Go programming language secure coding practices guide (Go)
README
You can download this book in the following formats: [PDF][9], [Mobi][10] and
[ePub][11].# Introduction
Go Language - Web Application Secure Coding Practices is a guide written for
anyone who is using the [Go Programming Language][1] and aims to use it for web
development.It was originally created by [Checkmarx Security Research Team][2] and later
donated to the OWASP Foundation: see the [project page][13]. The book follows
the [OWASP Secure Coding Practices - Quick Reference Guide v2 (stable)][3]
release.The main goal of this book is to help developers avoid common mistakes while at
the same time, learning a new programming language through a "hands-on
approach". This book provides a good level of detail on "how to do it securely"
showing what kind of security problems could arise during development.## The Audience for this Book
The primary audience of the Go Secure Coding Practices Guide is developers,
particularly the ones with previous experience with other programming languages.The book is also a great reference to those learning programming for the first
time, who have already finish the [Go tour][7].## What You Will Learn
This book covers the [OWASP Secure Coding Practices Guide][12] topic-by-topic,
providing examples and recommendations using Go, to help developers avoid common
mistakes and pitfalls.After reading this book, you'll be more confident you're developing secure Go
applications.## About OWASP Secure Coding Practices
This book was adapted for Go Language from The [Secure Coding Practices Quick
Reference Guide][3], an [OWASP][4] - Open Web Application Security Project. It
is a "_technology agnostic set of general software security coding practices, in
a comprehensive checklist format, that can be integrated into the development
lifecycle_" ([source][12]).[OWASP][4] itself is "_an open community dedicated to enabling organizations to
conceive, develop, acquire, operate, and maintain applications that can be
trusted. All of the OWASP tools, documents, forums, and chapters are free and
open to anyone interested in improving application security_" ([source][5]).## How to Contribute
This book was created using a few open source tools.
If you're curious about how we built it from scratch, read the
[How To contribute section][6].## License
This document is released under the Creative Commons Attribution-ShareAlike 4.0
International license (CC BY-SA 4.0). For any reuse or distribution, you must
make clear to others the license terms of this work.
[https://creativecommons.org/licenses/by-sa/4.0/][8][1]: https://golang.org
[2]: http://chkmrx.co/2sffXFr
[3]: https://owasp.org/www-project-secure-coding-practices-quick-reference-guide/
[4]: https://owasp.org/
[5]: https://owasp.org/about/
[6]: src/howto-contribute.md
[7]: https://go.dev/tour/
[8]: https://creativecommons.org/licenses/by-sa/4.0/
[9]: dist/go-webapp-scp.pdf
[10]: dist/go-webapp-scp.mobi
[11]: dist/go-webapp-scp.epub
[12]: https://owasp.org/www-project-secure-coding-practices-quick-reference-guide/#div-download
[13]: https://owasp.org/www-project-go-secure-coding-practices-guide/