Checklists
OWASP Official Cheat Sheets
Highly relevant
- Node.js Security Cheat Sheet
- AJAX Security
- Clickjacking Defense
- Content Security Policy (CSP)
- Credential Stuffing Prevention
- Cross-Site Request Forgery Prevention (CSRF)
- Cross Site Scripting Prevention (XSS)
- DOM based XSS Prevention
- Cryptographic Storage
- Database Security
- Denial of Service
- Docker Security
- Forgot Password
- Injection Prevention
- Input Validation
- Key Management
- Logging
- Microservices based Security Arch Doc
- Multifactor Authentication
- Password Storage
- REST Assessment
- REST Security
- SQL Injection Prevention
- Securing Cascading Style Sheets
- Server Side Request Forgery Prevention
- Session Management
- Threat Modeling
- Transport Layer Protection
- Unvalidated Redirects and Forwards
- User Privacy Protection
- Virtual Patching
Other
- XML Security
- XML External Entity Prevention
- Vulnerable Dependency Management
- Vulnerability Disclosure Cheat Sheet
- Transaction Authorization
- TLS Cipher String
- Third Party JavaScript Management
- SAML Security
- Query Parameterization
- Pinning
- HTTP Strict Transport Security (HSTS)
- HTML5 Security
- Abuse Case
- Access Control
- Attack Surface Analysis
- Authentication
- Authorization Testing Automation
- Choosing and Using Security Questions
- Deserialization
- Error Handling
- File Upload
- LDAP Injection Prevention
- Mass Assignment