Cheat Sheets

Don’t re-invent the wheel or toil away thinking of test data or techniques – use a cheat sheet.

Here’s a cheat sheet of cheat sheets…


Ministry of Testing’s Test Heuristics Cheat Sheet: Covering a wide range of areas, with test data, heuristics and techniques.
Big list of naughty strings: Lots of test data, from awkward characters to SQL injection


My Security Cheat Sheet: Some basic values to test for injection
SQL Injection & XSS Playground (notes): Helpful resource for SQL injection & XSS
Penetration Testing Cheat Sheet (Ivan Sincek): Massive collection of well explained things to try when pen testing
OWASP Cheat Sheet series: A complete collection of different cheat sheets focused on prevention, covering a very wide area.
OWASP Web Application Security Testing Guide: Really handy resource with great explanations. Whilst it is fairly technical and has plenty of jargon, it is fairly readable.
PortSwigger’s Web Security Academy: Fantastic learning resources.
PortSwigger’s XSS Cheat Sheet: A good cheat sheet for XSS.
PortSwigger’s SQL Injection Cheat Sheet: A good cheat sheet for SQL Injection