CONTRIBUTOR-V1.md

Contributors to the initial version of the project

If you want to modify something regarding the mention made to you (typo/link to your profile/etc), feel free to submit a PR with the expected content. Same approach if you think that we have forgotten someone.

Sorting applied on the name is an alphabetical one.

AJAX Security Cheat Sheet

• Michael Eddington
• Til Mas

Abuse Case Cheat Sheet

• Dominique Righetto - dominique.righetto@owasp.org
• James Robinson - jrobinson@netskope.com
• Rick Mitchell

Access Control Cheat Sheet

• Adinath Raveendra Raj - adinath@acciente.com
• Jim Manico - jim@owasp.org
• Mennouchi Islam Azeddine - azeddine.mennouchi@owasp.org
• Shruti Kulkarni - shruti.kulkarni@owasp.org

Attack Surface Analysis Cheat Sheet

• Jim Bird - jim.bird@owasp.org
• Jim Manico - jim@owasp.org

Authentication Cheat Sheet

• Eoin Keary eoinkeary
• Jim Manico - jim@owasp.org
• Manuel Aude Morales
• Pawel Krawczyk
• Sven Neuhaus
• Timo Goosen

Authorization Testing Automation Cheat Sheet

• Dominique Righetto - dominique.righetto@owasp.org

Bean Validation Cheat Sheet

• Anton Abashkin - abashkin.anton@gmail.com

C-Based Toolchain Hardening Cheat Sheet

• Jeffrey Walton - jeffrey@owasp.org
• Jim Manico - jim@owasp.org
• Kevin Wall - kevin@owasp.org

C-Based Toolchain Hardening Cheat Sheet

• Jeffrey Walton - jeffrey@owasp.org
• Jim Manico - jim@owasp.org
• Kevin Wall - kevin@owasp.org

Choosing and Using Security Questions Cheat Sheet

• Kevin Wall - kevin.w.wall@gmail com

Clickjacking Defense Cheat Sheet

• Aabashkin
• Dave Wichers - dwichers@gmail.com
• Eelgheez
• Jeffrey Walton
• Jim Manico - jim@owasp.org
• Michael Brook
• Santhosh Tuppad - santhosh.tuppad@gmail.com
• Shruti kulkarni
• Till Maas
• Tom Parker
• Yozo

Content Security Policy Cheat Sheet

• Elie Saad - eliesaad7@gmail.com

Credential Stuffing Prevention Cheat Sheet

• Brad Causey

Cross-Site Request Forgery Prevention Cheat Sheet

• Dave Wichers - dave.wichers@owasp.org
• Dominique Righetto - dominique.righetto@owasp.org
• Eric Sheridan - eric.sheridan@owasp.org
• Paul Petefish
• Manideep Konakandla (Amazon Application Security Team)

Cross Site Scripting Prevention Cheat Sheet

• Jeff Williams - jeff.williams@contrastsecurity.com
• Jim Manico - jim@owasp.org
• Neil Matatall - neil@owasp.org

Cryptographic Storage Cheat Sheet

• David Rook - david.a.rook@gmail.com
• Fred Donovan - fred.donovan@owasp.org
• Jim Manico - jim@owasp.org
• Kevin Kenan - kevin@k2dd.com
• Kevin Wall - kevin.w.wall@gmail.com
• Tony Hsu - hsiang_chih@yahoo.com

DOM based XSS Prevention Cheat Sheet

• Abraham Kang - abraham.kang@owasp.org
• Achim Hoffmann - achim@owasp.org
• Chris (Chris BEEF) Schmidt
• Dhiraj Mishra - mishra.dhiraj@owasp.org
• Eduardo (SirDarkCat) Alberto Vela Nava
• Erlend Oftedal
• Gareth (Gaz) Heyes
• Jeff Williams - jeff.williams@owasp.org
• Jeremy Long
• Jim Manico - jim@owasp.org
• John Steven
• Mario Heiderich
• Mike Samuel
• Robert (RSnake) Hansen
• Stefano Di Paola

Denial of Service Cheat Sheet

• Liviu Rombauts
• Stephen Corbiaux - stephen.corbiaux@owasp.org

Deserialization Cheat Sheet

• Arshan Dabirsiaghi - arshan@contrastsecurity.org
• Tony Hsu (Hsiang-Chih) Shane Murnion

Docker Security Cheat Sheet

• Jakub Maćkowski - jakub.mackowski@owasp.org

DotNet Security Cheat Sheet

• Bill Sempf - bill.sempf@owasp.org
• Jeremy Long - jeremy.long@owasp.org
• John Staveley
• Sam Ferree
• Shane Murnion
• Steve Bamelis
• Troy Hunt - troyhunt@hotmail.com
• Xander Sherry

Error Handling Cheat Sheet

• Dominique Righetto - dominique.righetto@owasp.org

Forgot Password Cheat Sheet

• Dave Ferguson - gmdavef@gmail.com
• James McGovern - james.mcgovern@hp.com
• Jim Manico - jim@owasp.org
• Kevin Wall - kevin.w.wall@gmail.com
• Wesley Philip - wphilip@ca.ibm.com

HTML5 Security Cheat Sheet

• Dominique Righetto dominique.righetto@owasp.org
• Juan Galiana Lara jgaliana@owasp.org
• Krzysztof Kotowicz krzysztof@kotowicz.net
• Mark Roxberry mark.roxberry@owasp.org
• Shreeraj Shah shreeraj.shah@blueinfy.net
• Will Stranathan will@cltnc.us

HTTP Strict Transport Security Cheat Sheet

• Daniel Black
• Jim Manico
• Michael Coates
• Pawel Krawczyk
• Til Maas

Injection Prevention Cheat Sheet

• Alexander Meisel - alexander.meisel@owasp.org
• Erlend Oftedal - erlend.oftedal@owasp.org
• Jim Manico - jim@owasp.org
• Sherif Mansour - sherif.mansour@owasp.org

Injection Prevention Cheat Sheet in Java

• Dave Wichers - dave.wichers@owasp.org
• Dominique Righetto - dominique.righetto@owasp.org

Input Validation Cheat Sheet

• Dave Wichers - dave.wichers@aspectsecurity.com

Insecure Direct Object Reference Prevention Cheat Sheet

• Dominique Righetto - dominique.righetto@owasp.org
• Eric Sheridan - eric.sheridan@owasp.org
• Jeff Williams - jeff.williams@contrastsecurity.com

JAAS Cheat Sheet

• Dr. A.L. Gottlieb - AnthonyG@owasp.org

JSON Web Token Cheat Sheet for Java

• Dominique Righetto - dominique.righetto@owasp.org
• Jim Manico - jim.manico@owasp.org
• Paul Ionescu - paul.ionescu@owasp.org

Key Management Cheat Sheet

• Brian Russell - russellbri@leidos.com
• Drew Van Duren - drew.f.van.duren@leidos.com
• Susanna Bezold – BezoldCISSP@aol.com
• Vanessa Amador - vanessa.c.amador@leidos.com

LDAP Injection Prevention Cheat Sheet

• Ben Weintraub - Ben@bluetalon.com
• Jim Manico - jim@owasp.org

Logging Cheat Sheet

• Alexis Fitzgerald - alexis.fitzgerald@owasp.org
• Colin Watson - colin.watson@owasp.org
• Eoin Keary - eoin.keary@owasp.org

Mass Assignment Cheat Sheet

• Abashkin Anton - abashkin.anton@gmail.com

OS Command Injection Defense Cheat Sheet

• Jim Manico - jim.manico@owasp.org
• Katy Anton - katy.anton@owasp.org

PHP Configuration Cheat Sheet

• Abbas Naderi - abbas.naderi@owasp.org
• Achim Hoffmann - Achim@owasp.org
• Dan Ehrlich - dan.ehrlich@owasp.org
• Tony Hsu HsiangChih

Password Storage Cheat Sheet

• Dominique Righetto - dominique.righetto@owasp.org
• Jim Manico - jim@owasp.org
• John Steven - john.steven@owasp.org

Pinning Cheat Sheet

• Jeffrey Walton - jeffrey@owasp.org
• Jim Manico - jim@owasp.org
• John Steven - john@owasp.org
• Kevin Wall - kevin@owasp.org
• Ricardo Iramar - ricardo.iramar@gmail.com

Protect FileUpload Against Malicious File

• Dominique Righetto - dominique.righetto@owasp.org

Query Parameterization Cheat Sheet

• Dave Wichers - dave.wichers@owasp.org
• Jim Manico - jim@owasp.org
• Neil Matatall - neil@owasp.org

REST Assessment Cheat Sheet

• Ofer Shezaf - ofer@shezaf.com

REST Security Cheat Sheet

• Andrew van der Stock - vanderaj@owasp.org
• Erlend Oftedal - erlend.oftedal@owasp.org
• Jan Wolff - jan.wolff@owasp.org
• Johan Peeters - yo@johanpeeters.com
• Manh Pham - manhpt2811@gmail.com
• Rocco Gränitz - rocco.graenitz@owasp.org
• Tony Hsu Hsiang Chih- Hsiang_chihi@yahoo.com

Ruby on Rails Cheatsheet

• Aaron Bedra - aaron@aaronbedra.com
• Egor Homakov - homakov@gmail.com
• Jim Manico - jim@owasp.org
• Jon Claudius - jonathan.claudius@gmail.com
• Jon Rose - jrose400@gmail.com
• Justin Collins - justin@presidentbeef.com
• Ken Johnson - cktricky@gmail.com
• Lance Vaughn - lance@cabforward.com
• Matt Konda - mkonda@jemurai.com
• Neil Matatall - neil@matatall.com
• Zaur Molotnikov - qutorial@gmail.com

SAML Security Cheat Sheet

• Gunnar Peterson
• James McGovern
• Brad Broulik
• Paweł Krawczyk

SQL Injection Prevention Cheat Sheet

• Dave Wichers - dave.wichers@owasp.org
• Dhiraj Mishra - mishra.dhiraj@owasp.org
• Jim Manico - jim@owasp.org
• Matt Seil - mseil@acm.org

Securing Cascading Style Sheets Cheat Sheet

• Santhosh Tuppad

Session Management Cheat Sheet

• Raul Siles (DinoSec) - raul@dinosec.com

TLS Cipher String Cheat Sheet

• Achim Hoffmann - achim@owasp.org
• Torsten Gigler - torsten.gigler@owasp.org

Third Party Javascript Management Cheat Sheet

• Jim Weiler - Jim.Weiler@owasp.org

Threat Modeling Cheat Sheet

• Ahmed Kanoma
• Mohamed Alfateh

Transaction Authorization Cheat Sheet

• Adam Lange
• Adam Zachara, SecuRing
• Andrzej Kleśnicki, Qualys
• Francois-Eric Guyomarch, HID Global
• James Holland, HID Global
• Milan Khan, HID Global
• Steven Wierckx, Toreon
• Sven Thomassin, PwC BE - Technology Consulting
• Sławomir Jasek, SecuRing
• Wojciech Dworakowski - wojciech.dworakowski@securing.pl

Transport Layer Protection Cheat Sheet

• Dave Wichers - dave.wichers@owasp.org
• Michael Coates - michael.coates@owasp.org
• Tony Hsu - hsiang_chih@yahoo.com
• Torsten Gigler - torsten.gigler@owasp.org
• Tyler Reguly - treguly@sslfail.com

Unvalidated Redirects and Forwards Cheat Sheet

• Jim Manico - jim@owasp.org
• Johanna Curiel - johanna.curiel@owasp.org
• Susanna Bezold - susanna.bezold@owasp.org

User Privacy Protection Cheat Sheet

• Mohammed ALDOUB

Virtual Patching Cheat Sheet

• Christian Folini - christian.folini@netnea.com
• Josh Zlatin - jamuse@gmail.com
• Ryan Barnett - ryan.barnett@owasp.org

Vulnerability Disclosure Cheat Sheet

• OWASP Montréal chapter
• @el_d33
• gosecure.ca

Vulnerable Dependency Management Cheat Sheet

• Dominique Righetto - dominique.righetto@owasp.org
• Elie Saad - eliesaad7@gmail.com
• Jakub Maćkowski - jakub.mackowski@owasp.org

Web Service Security Cheat Sheet

• Dave Wichers - dave.wichers@owasp.org
• Jim Manico - jim@owasp.org
• Sherif Koussa - sherif.koussa@owasp.org
• Gunnar Peterson

XML External Entity Prevention Cheat Sheet

• Dave Wichers - dave.wichers@owasp.org
• Dean Fleming
• James Jardine - james@jardinesoftware.com
• Tony Hsu (Hsiang-Chih)
• Xiaoran Wang - xiaoran@attacker-domain.com

XML Security Cheat Sheet

• Fernando Arnaboldi - fernando.arnaboldi@ioactive.com