This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP Cheat Sheet Series"

m (Add Ruby On Rails CS update)
m (Add next tasks on CS)
Line 116: Line 116:
  
 
= Roadmap =
 
= Roadmap =
 +
 +
'''Global:'''
  
 
* Bring all cheat sheets out of draft.
 
* Bring all cheat sheets out of draft.
Line 122: Line 124:
 
* Find a way to automate the generation of a PDF referential file gathering all CS.
 
* Find a way to automate the generation of a PDF referential file gathering all CS.
 
* Go through the cheat sheets to make sure they follow the CS guideline.
 
* Go through the cheat sheets to make sure they follow the CS guideline.
 +
 +
 +
'''Next work on Cheat Sheets (CS):'''
 +
 +
* [[Insecure_Direct_Object_Reference_Prevention_Cheat_Sheet|Insecure Direct Object Reference Prevention]] CS:
 +
** Update it in order to add relation with Access Control and how to prevent this kind of issue.
 +
* Server Side Request Forgery Defense CS:
 +
** Create it.
 +
* [[Forgot_Password_Cheat_Sheet|Forgot Password]] CS:
 +
** Add a POC in order to provide actionable code.
 +
* [[Password_Storage_Cheat_Sheet|Password Storage]] CS:
 +
** Add a POC in order to provide actionable code about Argon2 usage.
 +
* [[OS_Command_Injection_Defense_Cheat_Sheet|OS Command Injection Defense]] CS:
 +
* Add information about system command escaping.
  
 
= Cheat sheet Guideline =
 
= Cheat sheet Guideline =
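Review bot: The last added line of this hunk, "* Add information about system command escaping.", uses a single asterisk, while every other task added under a cheat sheet entry here uses "**". As written it renders as its own top-level bullet, and the OS Command Injection Defense CS entry above it is left with no task. Suggest changing it to "** Add information about system command escaping." so it nests like the other entries.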

Revision as of 09:18, 10 December 2017


The OWASP Cheat Sheet Series was created to provide a concise collection of high-value information on specific web application security topics. These cheat sheets were created by various application security professionals who have expertise in specific topics. We hope that the OWASP Cheat Sheet Series provides you with excellent security guidance in an easy-to-read format.

If you have any questions about the OWASP Cheat Sheet Series, please email the project leader Jim Manico or subscribe to our project email list.

Authors

Project Leaders: Jim Manico and Dominique Righetto

Contributors: Paweł Krawczyk, Mishra Dhiraj, Shruti Kulkarni, Torsten Gigler, Michael Coates, Jeff Williams, Dave Wichers, Kevin Wall, Jeffrey Walton, Eric Sheridan, Kevin Kenan, David Rook, Fred Donovan, Abraham Kang, Dave Ferguson, Shreeraj Shah, Raul Siles, Colin Watson, Neil Matatall and many more!

OWASP Cheat Sheets

Quick Access

OWASP Cheatsheet Series Book : April 2015 PDF download.

Email List

Project Email List

Licensing

The OWASP Cheat Sheet Series is free to use under the Creative Commons ShareAlike 3 License.

Related Projects

News and Events

Classifications
