1
XSS from text/template
Learn why using text/template or string concatenation for HTML is dangerous
2
Integer overflow in the wild: infinite loop
Learn how integer overflow in a power-of-2 loop can cause infinite loops and DoS attacks
2
Goroutine Leaks
Learn how to prevent goroutine leaks using context.Context and proper channel handling
3
Data Races
Understand data races and how to prevent them with proper synchronization
4
Safe Map Initialization
Learn why nil maps panic on write and how to initialize them safely
5
Integer Overflow
Understand integer overflow/underflow vulnerabilities and safe type casting
10
PEM Decoding Nil Check
Learn why pem.Decode can return nil and how to handle it safely
11
Nonce Initialization
Understand why zero nonces break GCM security and how to randomize them
12
Nonce Reuse Vulnerability
Learn why reusing nonces is catastrophic for GCM security
13
Weak Encryption Algorithms
Identify broken algorithms (DES, RC4) and use secure alternatives
14
Timing Attack Prevention
Use constant-time comparison to prevent timing attacks on secrets
15
Secure Random Numbers
Use crypto/rand instead of math/rand for security-sensitive values
16
TLS Certificate Verification
Never disable TLS certificate verification - disabling it enables MITM attacks
17
Key Management
Never hardcode encryption keys - use environment variables or secret managers