Cheat Sheets

Don’t re-invent the wheel or toil away thinking of test data or techniques – use a cheat sheet.

Here’s a cheat sheet of cheat sheets…

General

Ministry of Testing’s Test Heuristics Cheat SheetCovering a wide range of areas, with test data, heuristics and techniques.
Big list of naughty stringsLots of test data, from awkward characters to SQL injection

Security

My Security Cheat SheetSome basic values to test for injection
SQL Injection & XSS Playground (ired.team notes)Helpful resource for SQL injection & XSS
Penetration Testing Cheat Sheet (Ivan Sincek)Massive collection of well explained things to try when pen testing
OWASP Cheat Sheet seriesA complete collection of different cheat sheets focused on prevention, covering a very wide area.
OWASP Web Application Security Testing GuideReally handy resource with great explanations. Whilst it is fairly technical and has plenty jargon, it is fairly readable.
PortSwigger’s Web Security AcademyFantastic learning resources.
PortSwigger’s XSS Cheat SheetA good cheat sheet for XSS.
PortSwigger’s SQL Injection Cheat SheetA good cheat sheet for SQL Injection