Security Links

Secure software development

Prevent SQL injection

SQL injection prevention cheat sheet

A quick and comprehensive guide for preventing SQL injection attacks.

Injection cheat sheet

A clear and actionable guide for preventing injection attacks in applications.

Testing for SQL injection

Comprehensive guidance for detecting and patching SQL injection vulnerabilities.

Prevent XSS attacks

Prevent XSS attacks originating from unsafe Markdown (League\CommonMark), HTML, and JavaScript.

A collection of best practices for preventing XSS attacks in web applications that depend on League\CommonMark.

Cross-site Scripting

A guide to cross-site scripting, its attack vectors, and mitigation/prevention techniques.

Cross-site scripting prevention cheat sheet

A quick and thorough guide for preventing/mitigating XSS attacks in web applications.

XSS filter evasion cheat sheet

A collection of attacks used to test for XSS vulnerability.

Testing for reflected cross-site scripting

Test for reflected cross-site scripting in web applications.

Testing for stored cross-site scripting

Find and patch stored cross-site scripting vulnerabilities in applications.

DOM based XSS prevention cheat sheet

A quick and comprehensive guide for preventing DOM-based XSS attacks.