Secure Coding

As part of a semester-long project in a secure coding course, I developed and analyzed a web application with a focus on software security. The project was split into two phases: secure development and peer vulnerability auditing.

university

University of Maryland • graduate course

focus areas

C# / .NET • secure development • SDLC • code auditing • vulnerability assessment • CWE mapping

🧩 phase 1: application development

  • designed & built a C#/.NET web application applying secure software design and SDLC principles.
  • implemented authentication, input validation, and business logic with defenses against XSS, SQL injection, and insecure sessions.
  • followed clean, maintainable, security-conscious coding practices.

🔍 phase 2: peer code audit

  • audited another student’s application via manual review and tools like Burp Suite and Hydra.
  • mapped vulnerabilities to CWE for standardized classification.
  • produced a detailed report with descriptions, technical context, severity, impact, and remediation strategies.

🧰 tools & skills used

  • C# / .NET web development
  • Burp Suite – interception & traffic analysis
  • Hydra – brute-force testing
  • CWE-based vulnerability classification
  • secure code review & peer auditing
  • secure development lifecycle (SDLC)

outcomes

Strengthened my ability to both build and break software—gaining hands-on experience in identifying and mitigating vulnerabilities through structured code reviews and secure development practices.
