My personal collection of resources (mostly tools and training materials) for source code security audits.
☆107Aug 20, 2024Updated last year
Alternatives and similar repositories for security-code-review
Users that are interested in security-code-review are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Regex patterns for manual application source code review☆33Dec 14, 2020Updated 5 years ago
- ☆195Feb 26, 2023Updated 3 years ago
- A starter secure code review checklist☆184Nov 26, 2018Updated 7 years ago
- Training and certifications related to secure software development☆10Feb 9, 2026Updated 2 months ago
- Megagrep helps beginning a code review by searching for keywords in the code using "grep". It does not search for vulnerabilities directl…☆15Aug 8, 2022Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Automatic tool using for crawling code to find low-hang fruit vulnerabilities - Based on OWASP Secure Code Review Guide☆21Aug 31, 2020Updated 5 years ago
- Find unicode codepoints to use in normalisation and transformation attacks.☆11Mar 15, 2021Updated 5 years ago
- AssetViz simplifies the visualization of subdomains from input files, presenting them as a coherent mind map. Ideal for penetration test…☆38Feb 15, 2026Updated 2 months ago
- Extract GraphQL operations from javascript☆23Mar 18, 2026Updated last month
- Collection of all the resources published by Payatu.☆11Aug 11, 2025Updated 8 months ago
- This tools used for Automating finding of subdomain, and checking for alive subdomain, and gathering js files from all the subdomain and …☆22Jun 28, 2024Updated last year
- SecureEye is an AI tool for secure code review. It assesses code for vulnerabilities, and common attack vectors☆14May 21, 2024Updated last year
- Collection of templates for linux☆10Jun 2, 2024Updated last year
- generates unique subdomain names and runs httpx on them☆18Apr 8, 2024Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- ☆40Nov 24, 2025Updated 5 months ago
- ☆12Feb 20, 2025Updated last year
- ☆12Jun 5, 2024Updated last year
- Query various sources for CVE proof-of-concepts☆53Jun 1, 2023Updated 2 years ago
- grep rough audit - source code auditing tool☆1,687Dec 19, 2025Updated 4 months ago
- A Productivity-Boosting Burp Suite extension written in Kotlin that enables persistent sticky session handling in web application testing…☆13Oct 8, 2025Updated 6 months ago
- My notes from courses,books ..etc☆48Nov 26, 2025Updated 5 months ago
- A list of threat sinks used in the manual security source code review for application security☆76May 9, 2023Updated 2 years ago
- History of commits related to the xz backdoor Discovered On March 29, 2024: CVE-2024-3094.☆10Apr 1, 2024Updated 2 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Find endpoints in archived versions of robots.txt☆14Nov 21, 2019Updated 6 years ago
- Welcome to RFS notes to CRTP - Certified Red Team Professional by Altered Security.☆22Aug 20, 2024Updated last year
- Every GitHub repo mentioning OSCP — hunted, cloned, read by AI, judged by a human. 399 clean repos.☆78Mar 5, 2026Updated last month
- CSPT is an open-source Burp Suite extension to find and exploit Client-Side Path Traversal.☆165Jul 2, 2024Updated last year
- OWASP ASVS Security Evaluation Templates with Nuclei☆42Dec 2, 2025Updated 4 months ago
- Repository with some necessary information for you to create your PenTest consultancy☆102Jan 12, 2025Updated last year
- HP Data Protector Arbitrary Remote Command Execution☆11Aug 12, 2018Updated 7 years ago
- Source Code Review resources for Bug Bounty Hunters & Developers. This Repo is updated consistently.☆80Dec 30, 2021Updated 4 years ago
- Whitebox source code review cheatsheet (Based on AWAE syllabus)☆172Feb 16, 2022Updated 4 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- A BurpSuite extension that allows you to use Chromium with PwnFox☆46Dec 23, 2025Updated 4 months ago
- ☆52Feb 12, 2024Updated 2 years ago
- OWASP Code Review Guide Web Repository☆150Jun 22, 2022Updated 3 years ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆78Feb 8, 2023Updated 3 years ago
- Python module for running BOFs☆80Nov 28, 2025Updated 5 months ago
- You can find hardcoded Api-Key,Secret,Token Etc..☆77Sep 3, 2022Updated 3 years ago
- This repo contains the code for my secure code review challenges. People used this as the primary resource to pass FAANG AppSec interview…☆344Mar 12, 2026Updated last month