The OWASP Top Ten is a standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web applications.
This cheat sheet will help users of the OWASP Top Ten identify which cheat sheets map to each security category. This mapping is based on the OWASP Top Ten 2021 version.
- Authorization Cheat Sheet
- Insecure Direct Object Reference Prevention Cheat Sheet
- Transaction Authorization Cheat Sheet
- Cross-Site Request Forgery Prevention Cheat Sheet
- Cryptographic Storage Cheat Sheet
- Transport Layer Protection Cheat Sheet
- HTTP Strict Transport Security Cheat Sheet
- TLS Cipher String Cheat Sheet
- Secrets Management Cheat Sheet
- Key Management Cheat Sheet
- Pinning Cheat Sheet
- Injection Prevention Cheat Sheet
- LDAP Injection Prevention Cheat Sheet
- OS Command Injection Defense Cheat Sheet
- Injection Prevention in Java Cheat Sheet
- SQL Injection Prevention Cheat Sheet
- Query Parameterization Cheat Sheet
- Cross Site Scripting Prevention Cheat Sheet
- DOM based XSS Prevention Cheat Sheet
- XSS Filter Evasion Cheat Sheet
- Content Security Policy Cheat Sheet
- Infrastructure as Code Security Cheat Sheet
- XML External Entity Prevention Cheat Sheet
- PHP Configuration Cheat Sheet
- Vulnerable Dependency Management Cheat Sheet
- Third Party JavaScript Management Cheat Sheet
- npm Security best practices
- Authentication Cheat Sheet
- Session Management Cheat Sheet
- Forgot Password Cheat Sheet
- Choosing and Using Security Questions Cheat Sheet
- Credential Stuffing Prevention Cheat Sheet
- Denial of Service Cheat Sheet
- JSON Web Token for Java Cheat Sheet
- Multifactor Authentication Cheat Sheet
- Password Storage Cheat Sheet
- SAML Security Cheat Sheet