A cheat sheet is a concise set of notes used for quick reference.
The OWASP Cheat Sheet Series was created to provide a concise collection of high-value information on specific web application security topics. These cheat sheets were created by various application security professionals who have expertise in specific topics. We hope that the OWASP Cheat Sheet Series provides you with excellent security guidance in an easy-to-read format.
S.No | Name of the Cheat Sheet | Category | Link |
---|---|---|---|
1 | 3rd Party JavaScript Management | Developer/Builder | Click Here |
2 | Access Control | Developer/Builder | Click Here |
3 | AJAX Security Cheat Sheet | Developer/Builder | Click Here |
4 | Authentication (ES) | Developer/Builder | Click Here |
5 | Bean Validation Cheat Sheet | Developer/Builder | Click Here |
6 | Choosing and Using Security Questions | Developer/Builder | Click Here |
7 | Clickjacking Defense | Developer/Builder | Click Here |
8 | C-Based Toolchain Hardening | Developer/Builder | Click Here |
9 | Credential Stuffing Prevention Cheat Sheet | Developer/Builder | Click Here |
10 | Cross-Site Request Forgery (CSRF) Prevention | Developer/Builder | Click Here |
11 | Cryptographic Storage | Developer/Builder | Click Here |
12 | Deserialization | Developer/Builder | Click Here |
13 | DOM based XSS Prevention | Developer/Builder | Click Here |
14 | Forgot Password | Developer/Builder | Click Here |
15 | HTML5 Security | Developer/Builder | Click Here |
16 | HTTP Strict Transport Security | Developer/Builder | Click Here |
17 | Injection Prevention Cheat Sheet | Developer/Builder | Click Here |
18 | Injection Prevention Cheat Sheet in Java | Developer/Builder | Click Here |
19 | JSON Web Token (JWT) Cheat Sheet for Java | Developer/Builder | Click Here |
20 | Input Validation | Developer/Builder | Click Here |
21 | JAAS | Developer/Builder | Click Here |
22 | LDAP Injection Prevention | Developer/Builder | Click Here |
23 | Logging | Developer/Builder | Click Here |
24 | Mass Assignment Cheat Sheet | Developer/Builder | Click Here |
25 | .NET Security | Developer/Builder | Click Here |
26 | OWASP Top Ten | Developer/Builder | Click Here |
27 | Password Storage | Developer/Builder | Click Here |
28 | Pinning | Developer/Builder | Click Here |
29 | Query Parameterization | Developer/Builder | Click Here |
30 | Ruby on Rails | Developer/Builder | Click Here |
31 | Session Management | Developer/Builder | Click Here |
32 | SAML Security | Developer/Builder | Click Here |
33 | SQL Injection Prevention | Developer/Builder | Click Here |
34 | Transaction Authorization | Developer/Builder | Click Here |
35 | Transport Layer Protection | Developer/Builder | Click Here |
36 | Unvalidated Redirects and Forwards | Developer/Builder | Click Here |
37 | User Privacy Protection | Developer/Builder | Click Here |
38 | Web Service Security | Developer/Builder | Click Here |
39 | XSS (Cross Site Scripting) Prevention | Developer/Builder | Click Here |
40 | XML External Entity (XXE) Prevention Cheat Sheet | Developer/Builder | Click Here |
41 | Attack Surface Analysis | Assessment / Breaker | Click Here |
42 | REST Assessment | Assessment / Breaker | Click Here |
43 | Web Application Security Testing | Assessment / Breaker | Click Here |
44 | XML Security Cheat Sheet | Assessment / Breaker | Click Here |
45 | XSS Filter Evasion | Assessment / Breaker | Click Here |
46 | Android Testing | Mobile | Click Here |
47 | iOS Developer | Mobile | Click Here |
48 | Mobile Jailbreaking | Mobile | Click Here |
49 | Virtual Patching | OpSec / Defender | Click Here |
50 | Application Security Architecture | Draft and Beta | Click Here |
51 | Business Logic Security | Draft and Beta | Click Here |
52 | Command Injection Defense Cheat Sheet | Draft and Beta | Click Here |
53 | Content Security Policy | Draft and Beta | Click Here |
54 | Denial of Service Cheat Sheet | Draft and Beta | Click Here |
55 | Grails Secure Code Review | Draft and Beta | Click Here |
56 | Insecure Direct Object Reference Prevention | Draft and Beta | Click Here |
57 | iOS Application Security Testing | Draft and Beta | Click Here |
58 | Key Management | Draft and Beta | Click Here |
59 | PHP Security | Draft and Beta | Click Here |
60 | REST Security | Draft and Beta | Click Here |
61 | Regular Expression Security Cheatsheet | Draft and Beta | Click Here |
62 | Secure Coding | Draft and Beta | Click Here |
63 | Secure SDLC | Draft and Beta | Click Here |
64 | Threat Modeling | Draft and Beta | Click Here |
65 | Vulnerability Disclosure | Draft and Beta | Click Here |