/ssdlc-project

This repository hosts a secure MERN (MongoDB, Express.js, React.js, Node.js) application designed for learning and implementing Secure Software Development Life Cycle Practices (SSDLCP). It focuses on integrating robust security measures following OWASP guidelines, including authentication, authorization, and input validation.

Primary language: JavaScript

🚀 Secure MERN Application for SSDLCP

ℹ️ This project is a MERN (MongoDB, Express, React, Node.js) application designed to practice Secure Software Development Lifecycle Practices (SSDLCP). Initially, the application intentionally demonstrates various OWASP Top 10 security issues.

🛡️ Objective

The primary goal is to simulate and address common security vulnerabilities such as XSS, SQL Injection, CSRF, SSRF, and Input Validation Issues. This application serves as a controlled environment for learning about these vulnerabilities.

✨ Features

- Vulnerable Implementation: Demonstrates initial OWASP vulnerabilities.
- Secure Coding Practice: Implements secure coding practices to mitigate vulnerabilities.
- OWASP Compliance: Adheres to OWASP guidelines and best practices.
- MongoDB Database: Utilizes MongoDB for data storage.

🔧 Technologies

- Frontend: Built with React.js for the user interface.
- Backend: Powered by Node.js and Express for server-side logic.
- Database: MongoDB handles data storage.
- Security: Follows OWASP guidelines for secure development.

🔒 Security Enhancements

The vulnerable parts of the application are hardened step by step using industry-standard practices, so that each fix can be compared against the original weakness.

📚 Usage

Clone the repository and follow the setup instructions to explore the vulnerabilities, implement the fixes, and learn secure coding practices.

Topics:

- Implementing OWASP Top 10 in a Secure MERN Application
- Secure Authentication and Authorization in MERN Stack
- Protecting Against SQL Injection in a MERN Application
- Implementing Secure Input Validation in MERN
- Using JWT for Secure Authentication in a MERN Stack
- Secure Handling of Session Management in MERN Applications
- Applying Content Security Policy (CSP) in a MERN Stack
- Implementing HTTPS and TLS/SSL in MERN Applications
- Securing APIs in a MERN Application
- Role-Based Access Control (RBAC) in MERN Applications