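<!doctype html>
<!--
  Single-page AngularJS app: the sidebar checkboxes toggle entries in the
  `filter` map and the main column repeats over `guidelines`, filtered by
  `filterByFrameworks`. All three names come from SecurityChecklistCtrl,
  which is expected to be defined in js/controllers.js.
-->
<html lang="en" ng-app="checklistApp">
<head>
  <meta charset="utf-8">
  <title>Security Cheat Sheet</title>
  <link rel="stylesheet" href="css/bootstrap.css">
  <link rel="stylesheet" href="css/font-awesome.min.css">
  <link rel="stylesheet" href="css/app.css">
  <script src="js/angular.js"></script>
  <script src="js/controllers.js"></script>
  <!-- Third-party stylesheet; keep it on an explicit https: URL. -->
  <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Raleway:700">
</head>
<body ng-controller="SecurityChecklistCtrl">
  <div class="container-fluid">
    <div class="row">
      <div class="col-md-2 no-print filter_box">
        <h3>Filters</h3>
        Generate a cheat sheet specific for the technologies your development team used.<br>
        <br>
        <span class="category"><i class="fa fa-code"></i> .NET:</span><br>
        <input type="checkbox" ng-model="filter['manualenc']"> Manual XML construction<br>
        <input type="checkbox" ng-model="filter['razor']"> Razor (.cshtml/.vbhtml)<br>
        <input type="checkbox" ng-model="filter['webforms']"> Web Forms (.aspx)<br>
        <input type="checkbox" ng-model="filter['sanitizehtml']"> HTML Sanitization<br>
        <input type="checkbox" ng-model="filter['sql-ado']"> SQL - ADO.net<br>
        <input type="checkbox" ng-model="filter['sql-linq']"> SQL - LINQ<br>
        <input type="checkbox" ng-model="filter['oscmd']"> OS Command<br>
        <input type="checkbox" ng-model="filter['ldap']"> LDAP Queries<br>
        <input type="checkbox" ng-model="filter['xpath-basic']"> XPath<br>
        <input type="checkbox" ng-model="filter['xpath-mvpxml']"> XPath - MvpXml<br>
        <input type="checkbox" ng-model="filter['xxe']"> XML parsing (XXE)<br>
        <br>
        <span class="category"><i class="fa fa-code"></i> Java:</span><br>
        <i>Coming soon</i><br>
        <br>
        <span class="category"><i class="fa fa-code"></i> Javascript:</span><br>
        <input type="checkbox" ng-model="filter['angular']"> Angular<br>
        <input type="checkbox" ng-model="filter['ember']"> Ember.js<br>
        <input type="checkbox" ng-model="filter['dompurify']"> DOMPurify<br>
        <br>
        <span class="category"><i class="fa fa-code"></i> PHP:</span><br>
        <i>Coming soon</i><br>
        <br>
        <span class="category"><i class="fa fa-code"></i> Python:</span><br>
        <i>Coming soon</i><br>
        <br>
        <hr>
        <!--
          The two frames below embed a page from a third-party origin.
          They are loaded over https: so the widget cannot be rewritten in
          transit and is not blocked as mixed content when this page is served
          over HTTPS. NOTE(review): a sandbox attribute limited to the tokens
          the widget needs would further narrow what the embedded page can do;
          test the buttons before enabling it.
        -->
        <iframe class="github-btn"
                src="https://ghbtns.com/github-btn.html?user=gosecure&amp;repo=security-cheat-sheet&amp;type=watch&amp;count=true"
                title="Watch gosecure/security-cheat-sheet on GitHub"
                allowtransparency="true" frameborder="0" scrolling="0" width="100px"
                height="20px"></iframe><br>
        <iframe class="github-btn"
                src="https://ghbtns.com/github-btn.html?user=gosecure&amp;repo=security-cheat-sheet&amp;type=fork&amp;count=true"
                title="Fork gosecure/security-cheat-sheet on GitHub"
                allowtransparency="true" frameborder="0" scrolling="0" width="102px"
                height="20px"></iframe>
        <hr>
        <!-- rel="noopener noreferrer": the new tab gets no window.opener handle back to this page. -->
        Found an error or want to contribute new ideas? <a target="_blank" rel="noopener noreferrer" href="https://github.com/GoSecure/security-cheat-sheet">Visit the GitHub project</a><br>
      </div>
      <div class="col-md-10">
        <!--Body content-->
        <h1><i class="fa fa-lock"></i> Security Cheat Sheet</h1>
        <h2 class="subtitle no-print">for developers and security auditors</h2>
        <br>
        <div>
          <div class="guideline" ng-repeat="g in filtered=(guidelines | filter:filterByFrameworks)">
            <h3>{{g.title}}</h3>
            <!--
              descriptionHtml is inserted as markup, not text.
              NOTE(review): the controller is not visible from this file. Confirm
              that the guideline data is static, repository-controlled content and
              that it passes through ngSanitize rather than a blanket
              $sce.trustAsHtml; nothing user-supplied should ever reach this binding.
            -->
            <p ng-bind-html="g.descriptionHtml"></p>
            <!-- ng-href keeps the link from pointing at the raw template text before Angular compiles it. -->
            <p class="no-print"><a ng-href="{{g.refUrl}}">{{g.refUrl}}</a></p>
            <hr>
          </div>
        </div>
        <div><small>Cheat sheet created by <a href="http://gosecure.ca">GoSecure</a> released under <a href="https://creativecommons.org/licenses/by/3.0/">Creative Commons</a></small></div>
      </div>
    </div>
  </div>
  <!--
    Google Analytics loader. The script URL is pinned to https: instead of
    being protocol-relative, so a copy of this page served over plain HTTP
    (or opened from disk) does not fetch executable script over an
    unauthenticated channel. The loader injects the script element at
    runtime, so Subresource Integrity cannot be applied to it.
    NOTE(review): an inline script like this one needs a nonce or hash
    before a strict Content-Security-Policy can be enforced on the page.
  -->
  <script>
    (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
    (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
    m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
    })(window,document,'script','https://www.google-analytics.com/analytics.js','ga');
    ga('create', 'UA-75408615-1', 'auto');
    ga('send', 'pageview');
  </script>
</body>
</html>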