Discover cookbooks curated by Secure Code Warrior and the Sensei Community.

Secure Code Warrior
AWS SDK

Best practices for the Amazon Web Services ecosystem including credential management/storage, databases and region selection.

Secure Code Warrior
Android Security Set

Recipes created from security recommendations in the official Android documentation (https://developer.android.com/), including checks for the manifest file, injection vulnerabilities, configuration and storage.

Secure Code Warrior
Basic Protection Set

Starting point for security that detects weak cryptography, injection vulnerabilities and XXE in a framework-agnostic way.

Secure Code Warrior
JUnit 4 Best Practices

Best practices for the JUnit 4 testing framework including correct usage of its API and annotations.

Secure Code Warrior
JUnit 5 Best Practices

Best practices for the JUnit 5 testing framework including correct usage of its API and annotations.

Secure Code Warrior
Java Gotcha's

Detection of mistakes relating to incorrect or unsafe use of Java language features and APIs such as object equality, exception handling, regular expressions and collections.

Secure Code Warrior
Log4j

Recipes relating to Log4j (and Log4Shell vulnerabilities).

Secure Code Warrior
OWASP Top 10 Set

Collection of all recipes related to the OWASP Top 10 categories such as injection, authentication and security misconfiguration.

Secure Code Warrior
Spring

Best practices spanning the Java Spring projects including Boot, Core, Data, Security and Web.

Secure Code Warrior
Standardisation on AssertJ for unit testing

Recipes to standardise on the AssertJ framework including idiomatic assertions and migrations from other frameworks.

Secure Code Warrior
Standardisation on SLF4J

Recipes to standardise on the SLF4J framework including migrations from other logging frameworks.

Secure Code Warrior
Standardisation on java.time (JSR-310)

Standardisation on java.time (JSR-310) including migrations from other time frameworks.