Activity: Django Web Security Lab

Instructions:

  1. Fork the provided repository with this insecure Django application.
  2. Analyze the code for vulnerabilities.
  3. Fix the identified security flaws.
  4. Provide a pull request with your code fixes.
  5. Add a classmate as a reviewer to your pull request so they can review your code.
  6. [For reviewer] Review your classmate's code and provide security suggestions and tips on the security flaws identified in each task.

Resources:

General Django Resources:

  1. Django Documentation: The official documentation for Django. Comprehensive guides and references for all aspects of Django development.

  2. Django for Beginners: A beginner-friendly online book that walks through building a Django web application from scratch.

  3. Django Girls Tutorial: A step-by-step tutorial for beginners, providing hands-on experience with building a Django web application.

Web Security Resources:

  1. OWASP Web Security Testing Guide: A comprehensive guide to testing the security of web applications, including tutorials on identifying and mitigating common vulnerabilities.

  2. Mozilla Web Security Guidelines: Mozilla's guidelines on web security practices, covering various aspects of secure web development.

  3. Web Security Academy: Free online learning platform by PortSwigger, the creators of Burp Suite. It covers a wide range of web security topics with hands-on labs.

Django Security Best Practices:

  1. Django Security Best Practices: The official Django documentation on security best practices. Essential reading for developers working with Django.

  2. Django Security Checklist: A checklist of security measures to consider when developing Django applications.

  3. Python and Django Security: Mozilla's guide on security practices specifically related to Python and Django.

Security Libraries for Django:

  1. django-crispy-forms: A Django app that lets you control the rendering behavior of Django forms.

  2. django-secure: A collection of settings to enhance the security of a Django project.

  3. django-allauth: A Django app for handling user authentication, registration, account management, and more.

Additional Learning Platforms:

  1. Coursera - Web Application Technologies and Django: A specialization on Coursera covering web application development using Django.

  2. edX - Introduction to Django: An introductory course on edX for learning Django.

  3. Real Python: Real Python offers a variety of tutorials and articles on Python and Django, including web development and security topics.