awesome-repositories.com
Blog
awesome-repositories.com

Entdecke die besten Open-Source-Repositories mit KI-gestützter Suche.

EntdeckenKuratierte SuchenOpen-Source-AlternativenSelf-hosted SoftwareBlogSitemap
ProjektÜber unsRanking-MethodikPresseMCP-Server
RechtlichesDatenschutzAGB
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

Security cheat sheets

Ranking aktualisiert am 9. Juli 2026

For a collection of security cheat sheets, the strongest matches are owasp/wstg (This repository provides a comprehensive, industry-standard framework and structured), fallibleinc/security-guide-for-developers (This repository provides a structured, checklist-driven approach to application) and owasp/top10 (This repository is the industry-standard reference for web application). trimstray/the-practical-linux-hardening-guide and owasp/go-scp round out the shortlist. Each is ranked by relevance to your query, popularity and recent activity.

Explore the best security cheat sheets for developers. Compare top-rated resources by topic, language, and use case to find the best fit for you.

Security cheat sheets

Finde die besten Repos mit KI.Wir suchen mit KI nach den am besten passenden Repositories.
  • owasp/wstgAvatar von OWASP

    OWASP/wstg

    9,473Auf GitHub ansehen↗

    The Web Application Security Testing Guide is an open-source security testing standard and comprehensive framework of procedures for identifying vulnerabilities in web applications and services. It serves as a vulnerability assessment methodology and a web API security audit framework, providing a structured approach for conducting consistent and thorough security audits of web-based software. The project utilizes a methodology-based audit framework and checklist-driven workflows to ensure repeatable discovery and exploitation steps. It organizes security tests through taxonomy-based vulnerab

    This repository provides a comprehensive, industry-standard framework and structured checklist for web application security testing, directly addressing the need for authoritative guidance on vulnerability assessment and security best practices.

    Software Security StandardsApplication Security
    Auf GitHub ansehen↗9,473
  • fallibleinc/security-guide-for-developersAvatar von FallibleInc

    FallibleInc/security-guide-for-developers

    21,090Auf GitHub ansehen↗

    This project is a web application security guide and developer training resource. It serves as a secure coding framework and vulnerability remediation manual, providing software engineers with the tools to identify, prioritize, and fix common security holes across different application layers. The resource utilizes a structured verification framework and security audit checklists to systematically find vulnerabilities. It features a technical reference that maps specific security flaws to step-by-step instructions for remediation, supported by vulnerability statistics to help determine which

    This repository provides a structured, checklist-driven approach to application security and vulnerability remediation, serving as a practical reference guide for developers to implement secure coding practices.

    Secure Coding GuidesSecure Coding Practices
    Auf GitHub ansehen↗21,090
  • owasp/top10Avatar von OWASP

    OWASP/Top10

    5,273Auf GitHub ansehen↗

    This project is a web application security standard and vulnerability framework. It provides a comprehensive list of the most critical security risks facing web applications, paired with technical guidance and a structured methodology for identifying and mitigating these flaws. The framework functions as a secure coding guide and a risk assessment methodology, offering a standardized approach to prioritizing vulnerabilities based on their potential impact and likelihood of exploitation. It defines architectural patterns and technical recommendations to help developers implement defense in dep

    This repository is the industry-standard reference for web application security risks, providing the structured guidance, vulnerability assessment methodology, and hardening recommendations required to implement robust security practices.

    HTMLApplication Security StandardsSecure Coding GuidesAudit and Compliance
    Auf GitHub ansehen↗5,273
  • trimstray/the-practical-linux-hardening-guideAvatar von trimstray

    trimstray/the-practical-linux-hardening-guide

    10,545Auf GitHub ansehen↗

    This project is a comprehensive Linux server hardening guide and infrastructure documentation resource. It provides a set of validated security baselines and step-by-step instructions for implementing security controls and configuration best practices to protect production environments. The guide focuses on aligning systems with industry-standard security benchmarks, specifically those provided by the Center for Internet Security and Security Technical Implementation Guides. It includes a framework for using OpenSCAP to scan system configurations, verify compliance against reference profiles,

    This repository provides a comprehensive, structured reference guide for Linux infrastructure hardening and compliance, directly addressing the need for actionable security benchmarks and configuration best practices.

    Security StandardsAudit and ComplianceServer Hardening
    Auf GitHub ansehen↗10,545
  • owasp/go-scpO

    OWASP/Go-SCP

    5,285Auf GitHub ansehen↗

    Go-SCP is a secure coding guide and vulnerability prevention framework for the Go programming language. It serves as a technical manual for implementing defensive programming patterns and security benchmarks to prevent common software vulnerabilities. The project functions as a static security reference, mapping known software weaknesses to specific Go remediation patterns. It provides a curated repository of secure coding standards and vetted implementation practices specifically focused on web application security. The framework covers security auditing by comparing source code against est

    This repository provides a structured, curated reference guide for secure coding practices and vulnerability prevention specifically tailored for the Go programming language, fitting the category of a security knowledge base.

    GoSecure Coding GuidesSecure Coding Practices
    Auf GitHub ansehen↗5,285
  • owasp/owasp-mstgAvatar von OWASP

    OWASP/owasp-mstg

    12,973Auf GitHub ansehen↗

    The Mobile Application Security Testing Guide is a comprehensive manual and compliance framework for verifying the security of mobile applications. It provides a standardized reference for identifying and validating common software security weaknesses and performing reverse engineering based on industry standards. The project provides a structured set of technical processes and checklists used to audit applications against established security weakness enumerations. It encompasses guidance for analyzing application binaries and runtime behavior to identify hidden functionality and security ga

    This repository provides a comprehensive, structured reference guide and set of checklists specifically for mobile application security, which aligns with the core intent of security best practices and compliance verification.

    PythonApplication Security StandardsAudit and Compliance
    Auf GitHub ansehen↗12,973
  • owasp/cheatsheetseriesAvatar von OWASP

    OWASP/CheatSheetSeries

    32,298Auf GitHub ansehen↗

    The OWASP Cheat Sheet Series is a comprehensive, community-driven repository of concise security best practices and defensive coding patterns. It serves as a centralized knowledge base for developers and security professionals, providing actionable guidance to secure applications across the entire software development lifecycle. The project covers a vast array of security domains, ranging from fundamental web application hardening and authentication protocols to specialized controls for modern infrastructure and artificial intelligence systems. What distinguishes this project is its decentral

    This repository is the definitive collection of structured, actionable security cheat sheets that directly address application hardening, infrastructure security, and compliance standards for developers and security professionals.

    PythonApplication Security StandardsApplication SecurityConfiguration Hardening
    Auf GitHub ansehen↗32,298
  • trimstray/the-book-of-secret-knowledgeAvatar von trimstray

    trimstray/the-book-of-secret-knowledge

    228,641Auf GitHub ansehen↗

    This project serves as a centralized, community-driven repository of technical knowledge and administrative resources. It provides a structured taxonomy that aggregates disparate information into a searchable framework, supporting continuous learning and rapid problem-solving for system administrators and cybersecurity practitioners. By mapping resources across offensive security, infrastructure management, and software development, it offers a unified path for skill acquisition and professional reference. The project is defined by a command-line-first design philosophy, prioritizing terminal

    This repository acts as a comprehensive, community-curated collection of security-focused cheat sheets, checklists, and technical resources that directly address the visitor's need for structured security best practices and infrastructure hardening guides.

    Infrastructure HardeningSoftware Security Standards
    Auf GitHub ansehen↗228,641
  • ignitetechnologies/mindmapAvatar von Ignitetechnologies

    Ignitetechnologies/Mindmap

    8,656Auf GitHub ansehen↗

    Mindmap is a cybersecurity knowledge base and reference library that organizes security tools, frameworks, and methodologies into a visual knowledge map. It functions as a curated directory of cheat sheets and command guides for offensive and defensive security operations, presented as a hierarchical interface with collapsible nodes. The project converts structured markdown files into navigable visual trees to facilitate the study of penetration testing workflows and DevOps learning roadmaps. It also serves as a security compliance framework, providing structured mappings of NIST and ISO 2700

    This repository serves as a comprehensive, structured knowledge base and visual reference guide for security methodologies, compliance frameworks, and infrastructure hardening practices, directly addressing the need for organized security documentation.

    Audit and Compliance
    Auf GitHub ansehen↗8,656
  • microsoft/security-101Avatar von microsoft

    microsoft/Security-101

    6,203Auf GitHub ansehen↗

    Security-101 is a vendor-agnostic, foundational cybersecurity learning curriculum organized into modular, framework-aligned modules. It is designed to build core knowledge across multiple security domains without tying content to specific products or platforms, making it suitable for both beginners and professionals seeking a structured introduction to the field. The curriculum is built around established security frameworks, including the MITRE ATT&CK framework for standardized threat analysis and the NIST Cybersecurity Framework for incident response workflows. It covers a broad range of do

    This repository provides a structured, modular curriculum and comprehensive reference material covering core security domains, making it a highly relevant resource for implementing security best practices and infrastructure hardening.

    HTMLSecure Coding GuidesSecurity Standards
    Auf GitHub ansehen↗6,203
  • christianlempa/cheat-sheetsAvatar von ChristianLempa

    ChristianLempa/cheat-sheets

    4,771Auf GitHub ansehen↗

    This project is a technical reference knowledge base and developer cheat sheet repository. It functions as a searchable collection of quick-reference guides, CLI command patterns, and code snippets for various operating systems, cloud platforms, and infrastructure tools. The system operates as a markdown-based technical knowledge base, where content is stored in plain text files and rendered as a static site. This approach enables a personal knowledge management system that utilizes version control and a directory-based navigation hierarchy to organize technical notes for long-term retrieval.

    This repository provides a structured collection of technical reference guides and command-line cheat sheets that cover infrastructure and development topics, serving as a practical knowledge base for security best practices.

    Command Cheat SheetsTechnical Knowledge BasesCheat Sheets
    Auf GitHub ansehen↗4,771
  • abz-aaron/cheat-sheetsAvatar von ABZ-Aaron

    ABZ-Aaron/cheat-sheets

    1,713Auf GitHub ansehen↗

    This project is a curated collection of technical cheat sheets and quick-reference guides designed to assist with daily software development tasks. It functions as a static knowledge base, providing concise summaries of programming language syntax, database query commands, and common software tool patterns. The repository organizes these technical notes as version-controlled markdown files, allowing for rapid access to essential information without the need for extensive documentation searches. By maintaining these references in a centralized, repository-driven format, the project helps reduc

    This repository serves as a collection of structured cheat sheets covering various security domains, providing the reference material needed to implement best practices across infrastructure and application development.

    Cheat SheetsDeveloper Quick ReferencesLanguage Syntax References
    Auf GitHub ansehen↗1,713
  • truevault-safe/hipaa-compliance-developers-guideAvatar von truevault-safe

    truevault-safe/hipaa-compliance-developers-guide

    1,741Auf GitHub ansehen↗

    This project provides a comprehensive technical framework for developers building software applications that handle protected health information. It serves as a guide for navigating the legal and technical requirements necessary to ensure that applications and their underlying infrastructure adhere to mandatory health data privacy standards. The guide distinguishes itself by addressing the full spectrum of compliance, from identifying regulatory obligations and business associate requirements to implementing specific technical and physical safeguards. It offers detailed strategies for securin

    This repository provides a structured guide specifically focused on implementing security and compliance standards for developers, serving as a specialized reference for meeting regulatory requirements in application development.

    Infrastructure Hardening
    Auf GitHub ansehen↗1,741
  • futurice/backend-best-practicesAvatar von futurice

    futurice/backend-best-practices

    2,362Auf GitHub ansehen↗

    This project provides a collection of architectural guidelines and operational standards for building secure, maintainable, and scalable server-side software systems. It establishes a framework for implementing consistent development environments, system observability, and data security practices across distributed application environments. The repository focuses on standardizing software engineering conventions to ensure environment parity and system transparency. It covers the implementation of aggregated health monitoring, request throttling, and secure data handling, including the use of

    This repository provides a structured collection of backend development best practices that covers several key areas of application security, serving as a practical reference guide for developers.

    Engineering Best PracticesAudit Logging StandardsHealth Monitoring Endpoints
    Auf GitHub ansehen↗2,362
  • micropoor/micro8Avatar von Micropoor

    Micropoor/Micro8

    18,060Auf GitHub ansehen↗

    Micro8 is a security auditing knowledge base and penetration testing resource library. It serves as a curated collection of guides and documentation focused on vulnerability assessment. The project provides educational content and study guides for manual source code review, domain escalation, and internal network auditing. It includes a toolkit of reference materials for analyzing network traffic logs and identifying brute-force patterns. The library covers technical domains including web penetration testing and privilege escalation. It organizes these materials through PDF-based knowledge r

    This repository serves as a comprehensive knowledge base and curated collection of security auditing guides, providing the structured reference material needed for vulnerability assessment and technical security analysis.

    Security Auditing TutorialsExecution Trace and Log AnalyzersNetwork Security Auditing
    Auf GitHub ansehen↗18,060
  • hacktricks-wiki/hacktricksAvatar von HackTricks-wiki

    HackTricks-wiki/hacktricks

    11,700Auf GitHub ansehen↗

    HackTricks is a comprehensive cybersecurity knowledge base and wiki designed to support ethical hacking, penetration testing, and infrastructure security auditing. It serves as a structured reference guide for security professionals, providing detailed documentation on common vulnerabilities, attack vectors, and remediation strategies across diverse software and network environments. The project distinguishes itself by offering actionable methodologies for identifying and analyzing security flaws. It functions as a centralized repository for security research, enabling practitioners to study

    This repository serves as a comprehensive, structured knowledge base for security professionals, providing detailed methodologies and remediation strategies that align well with the need for reference guides on infrastructure and application security.

    CSSPenetration Testing ResourcesSecurity VulnerabilitiesPenetration Testing and Ethical Hacking
    Auf GitHub ansehen↗11,700
  • lylemi/learn-web-hackingAvatar von LyleMi

    LyleMi/Learn-Web-Hacking

    5,414Auf GitHub ansehen↗

    Learn-Web-Hacking is a structured web security study guide and penetration testing knowledge base. It provides a collection of research notes focused on identifying and exploiting vulnerabilities in web applications and network protocols. The project includes specialized frameworks for evaluating security risks in large language models to prevent prompt injection, as well as guides for hardening cloud-native infrastructure, including container standards and orchestration tools. It also covers the analysis of identity standards and authentication protocols. The material spans a broad range of

    This repository provides a comprehensive, structured knowledge base covering web application security, infrastructure hardening, and protocol analysis, serving as a practical reference guide for implementing security best practices.

    PythonPenetration Testing ResourcesAttack Surface MappingCloud Infrastructure Security
    Auf GitHub ansehen↗5,414
Die Top 10 auf einen Blick vergleichen
RepositoryStarsSpracheLizenzLetzter Push
owasp/wstg9.5K—CC-BY-SA-4.015. Juni 2026
fallibleinc/security-guide-for-developers21.1K——30. Aug. 2025
owasp/top105.3KHTMLother6. Jan. 2026
trimstray/the-practical-linux-hardening-guide10.5K—MIT19. Nov. 2024
owasp/go-scp5.3KGoCC-BY-SA-4.031. Mai 2024
owasp/owasp-mstg13KPythonCC-BY-SA-4.016. Juni 2026
owasp/cheatsheetseries32.3KPythonCC-BY-SA-4.016. Juni 2026
trimstray/the-book-of-secret-knowledge228.6K—MIT19. Nov. 2024
ignitetechnologies/mindmap8.7K——22. Juni 2025
microsoft/security-1016.2KHTMLcc0-1.021. Dez. 2025

Related searches

  • an open source tool for digital privacy
  • Sammlung von Blogs aus der Cybersecurity-Branche
  • Web-App-Sicherheit und Exploitation
  • Sammlung von Quick-Reference-Cheat-Sheets für Entwickler
  • Security research resources
  • a security middleware for web applications
  • Netzwerksicherheit und -analyse
  • Lernpfad für Security-Engineering