Folders and files

Name		Name	Last commit message	Last commit date
Latest commit History 267 Commits
dist		dist
src		src
.gitignore		.gitignore
CONTRIBUTING.md		CONTRIBUTING.md
Dockerfile		Dockerfile
LICENSE		LICENSE
README.md		README.md
VERSION		VERSION
book.json		book.json
docker-compose.yml		docker-compose.yml
package-lock.json		package-lock.json
package.json		package.json

Repository files navigation

You can download this book in the following formats:PDF,Mobi andePub.

Introduction

Go Language - Web Application Secure Coding Practices is a guide written foranyone who is using theGo Programming Language and aims to use it for webdevelopment.

It was originally created byCheckmarx Security Research Team and laterdonated to the OWASP Foundation: see theproject page. The book followstheOWASP Secure Coding Practices - Quick Reference Guide v2 (stable)release.

The main goal of this book is to help developers avoid common mistakes while atthe same time, learning a new programming language through a "hands-onapproach". This book provides a good level of detail on "how to do it securely"showing what kind of security problems could arise during development.

The Audience for this Book

The primary audience of the Go Secure Coding Practices Guide is developers,particularly the ones with previous experience with other programming languages.

The book is also a great reference to those learning programming for the firsttime, who have already finish theGo tour.

What You Will Learn

This book covers theOWASP Secure Coding Practices Guide topic-by-topic,providing examples and recommendations using Go, to help developers avoid commonmistakes and pitfalls.

After reading this book, you'll be more confident you're developing secure Goapplications.

About OWASP Secure Coding Practices

This book was adapted for Go Language from TheSecure Coding Practices QuickReference Guide, anOWASP - Open Web Application Security Project. Itis a "technology agnostic set of general software security coding practices, ina comprehensive checklist format, that can be integrated into the developmentlifecycle" (source).

OWASP itself is "an open community dedicated to enabling organizations toconceive, develop, acquire, operate, and maintain applications that can betrusted. All of the OWASP tools, documents, forums, and chapters are free andopen to anyone interested in improving application security" (source).

How to Contribute

This book was created using a few open source tools.If you're curious about how we built it from scratch, read theHow To contribute section.

License

This document is released under the Creative Commons Attribution-ShareAlike 4.0International license (CC BY-SA 4.0). For any reuse or distribution, you mustmake clear to others the license terms of this work.https://creativecommons.org/licenses/by-sa/4.0/