Table of contents
- Objective
- 1. Define Security Requirements
- 2. Leverage Security Frameworks and Libraries
- 3. Secure Database Access
- 4. Encode and Escape Data
- 5. Validate All Inputs
- 6. Implement Digital Identity
- 7. Enforce Access Controls
- 8. Protect Data Everywhere
- 10. Handle All Errors and Exceptions
Objective

1. Define Security Requirements
- Attack Surface Analysis Cheat Sheet

2. Leverage Security Frameworks and Libraries
- C-Based Toolchain Hardening Cheat Sheet
- DotNet Security Cheat Sheet (A3 Cross Site Scripting)
- Ruby on Rails Cheatsheet (Tools)
- Vulnerable Dependency Management Cheat Sheet

3. Secure Database Access
- DotNet Security Cheat Sheet (Data Access)
- Query Parameterization Cheat Sheet
- SQL Injection Prevention Cheat Sheet

4. Encode and Escape Data
- AJAX Security Cheat Sheet (Client Side)
- DOM based XSS Prevention Cheat Sheet
- Injection Prevention Cheat Sheet in Java

5. Validate All Inputs
- DotNet Security Cheat Sheet (A10 Unvalidated redirects and forwards)
- Injection Prevention Cheat Sheet
- Protect FileUpload Against Malicious File
- Ruby on Rails Cheatsheet (Command Injection)
- Unvalidated Redirects and Forwards Cheat Sheet
- Server Side Request Forgery Prevention Cheat Sheet

6. Implement Digital Identity
- DotNet Security Cheat Sheet (Forms authentication)
- JSON Web Token Cheat Sheet for Java
- REST Security Cheat Sheet (JWT)
- Ruby on Rails Cheatsheet (Authentication)

7. Enforce Access Controls
- Authorization Testing Automation
- Cross-Site Request Forgery Prevention Cheat Sheet
- DotNet Security Cheat Sheet (A7 Missing function level access control)
- Ruby on Rails Cheatsheet (Insecure Direct Object Reference or Forceful Browsing)
- Insecure Direct Object Reference Prevention Cheat Sheet

8. Protect Data Everywhere
- DotNet Security Cheat Sheet (Encryption)
- Ruby on Rails Cheatsheet (Encryption)