OWASP/CheatSheetSeriesPublic

NotificationsYou must be signed in to change notification settings
Fork4.1k
Star29.2k

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

License

CC-BY-SA-4.0 license

29.2k stars 4.1k forks Branches Tags Activity

Star

Notifications

You must be signed in to change notification settings

Branches Tags

Folders and files

Name		Name	Last commit message	Last commit date
Latest commit History 1,899 Commits
.github		.github
assets		assets
cheatsheets		cheatsheets
cheatsheets_draft		cheatsheets_draft
cheatsheets_excluded		cheatsheets_excluded
scripts		scripts
templates		templates
.gitignore		.gitignore
.markdownlint.json		.markdownlint.json
.textlintrc		.textlintrc
CODE_OF_CONDUCT.md		CODE_OF_CONDUCT.md
CONTRIBUTING.md		CONTRIBUTING.md
CONTRIBUTOR-V1.md		CONTRIBUTOR-V1.md
Dockerfile		Dockerfile
HelpGuide.md		HelpGuide.md
Index.md		Index.md
IndexASVS.md		IndexASVS.md
IndexMASVS.md		IndexMASVS.md
IndexProactiveControls.md		IndexProactiveControls.md
IndexTopTen.md		IndexTopTen.md
LICENSE.md		LICENSE.md
Makefile		Makefile
Preface.md		Preface.md
Project.code-workspace		Project.code-workspace
README.md		README.md
book.json		book.json
exploit-protection-guard.png		exploit-protection-guard.png
markdown-link-check-config.json		markdown-link-check-config.json
mkdocs.yml		mkdocs.yml
package.json		package.json
requirements.txt		requirements.txt

Repository files navigation

Welcome to the OWASP Cheat Sheet Series

Welcome to the official repository for the Open Worldwide Application Security Project® (OWASP) Cheat Sheet Series project. The project focuses on providing good security practices for builders in order to secure their applications.

In order to read the cheat sheets andreference them, use the projectofficial website. The project details can be viewed on theOWASP main website without the cheat sheets.

🚩 Markdown files are the working sources and aren't intended to be referenced in any external documentation, books or websites.

Cheat Sheet Series Team

Project Leaders

Core Team

Chat With Us

We're easy to find on Slack:

Join the OWASP Group Slack with thisinvitation link.
Join the#cheatsheets channel.

Feel free to ask questions, suggest ideas, or share your best recipes.

Contributions, Feature Requests, and Feedback

We are actively inviting new contributors! To start, please read thecontribution guide.

This project is only possible thanks to the work of many dedicated volunteers. Everyone is encouraged to help in ways large and small. Here are a few ways you can help:

Read the current content and help us fix any spelling mistakes or grammatical errors.
Choose an existingissue on GitHub and submit a pull request to fix it.
Open a new issue to report an opportunity for improvement.

Automated Build

Thislink allows you to download a build (ZIP archive) of the offline website.

Local Build

The OWASP Cheat Sheet Series website can be built and tested locally by issuing the following commands:

make install-python-requirementsmake generate-sitemake serve# Binds port 8000

Container Build

The OWASP Cheat Sheet Series website can be built and tested locally inside a container by issuing the following commands:

Docker

docker build -t cheatsheetseries.docker run --name cheatsheetseries -p 8000:8000 cheatsheetseries

Podman

podman build -t cheatsheetseries.podman run --name cheatsheetseries -p 8000:8000 localhost/cheatsheetseries

Contributors

From 2014 to 2018:V1 - Initial version of the project hosted on theOWASP WIKI.
From 2019:V2 - Hosted onGitHub.

Special thanks

A special thank you to the following people for their help provided during the migration:

Dominique Righetto: For his special leadership and guidance.
Elie Saad: For valuable help in updating the OWASP Wiki links for all the migrated cheat sheets and for years of leadership and other project support.
Jakub Maćkowski: For valuable help in updating the OWASP Wiki links for all the migrated cheat sheets.

Open Worldwide Application Security Project and OWASP are registered trademarks of the OWASP Foundation, Inc.