d3lb3/security-code-review external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

d3lb3/security-code-review

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/d3lb3/security-code-review)

Close

d3lb3 / security-code-reviewView on GitHubMore

• External links
• Readme badge

My personal collection of resources (mostly tools and training materials) for source code security audits.

☆106Aug 20, 2024Updated last year

Alternatives and similar repositories for security-code-review

Users that are interested in security-code-review are comparing it to the libraries listed below

• va1da5 / manual-source-code-review

  View on GitHub
  Regex patterns for manual application source code review
  ☆33Dec 14, 2020Updated 5 years ago
• claire-lex / megagrep

  View on GitHub
  Megagrep helps beginning a code review by searching for keywords in the code using "grep". It does not search for vulnerabilities directl…
  ☆15Aug 8, 2022Updated 3 years ago
• softwaresecured / secure-code-review-checklist

  View on GitHub
  A starter secure code review checklist
  ☆184Nov 26, 2018Updated 7 years ago
• mgreiler / secure-code-review-checklist

  View on GitHub
  ☆196Feb 26, 2023Updated 3 years ago
• vmnguyen / Code-Crawler

  View on GitHub
  Automatic tool using for crawling code to find low-hang fruit vulnerabilities - Based on OWASP Secure Code Review Guide
  ☆21Aug 31, 2020Updated 5 years ago
• apapedulimu / Learn-Source-Code-Review

  View on GitHub
  Learning source code review, spot vulnerability, find some ways how to fix it.
  ☆30Nov 17, 2022Updated 3 years ago
• shabarkin / CodeAllTheThings

  View on GitHub
  A list of threat sinks used in the manual security source code review for application security
  ☆76May 9, 2023Updated 2 years ago
• ministryofjustice / serpico-templates

  View on GitHub
  Report and finding templates used by the Serpico reporting tool
  ☆16Sep 26, 2018Updated 7 years ago
• catchingknives / AppSec-Training

  View on GitHub
  Training and certifications related to secure software development
  ☆11Feb 9, 2026Updated 2 weeks ago
• adipinto / HP-Data-Protector-RCE

  View on GitHub
  HP Data Protector Arbitrary Remote Command Execution
  ☆11Aug 12, 2018Updated 7 years ago
• tehryanx / normal.py

  View on GitHub
  Find unicode codepoints to use in normalisation and transformation attacks.
  ☆11Mar 15, 2021Updated 4 years ago
• GangGreenTemperTatum / stickyburp

  View on GitHub
  A Productivity-Boosting Burp Suite extension written in Kotlin that enables persistent sticky session handling in web application testing…
  ☆12Oct 8, 2025Updated 4 months ago
• wdahlenburg / CVESearch

  View on GitHub
  Query various sources for CVE proof-of-concepts
  ☆53Jun 1, 2023Updated 2 years ago
• yo-yo-yo-jbo / linux_pwn_intro

  View on GitHub
  ☆12Jun 5, 2024Updated last year
• llamaonsecurity / rio

  View on GitHub
  A handy plugin for copying requests/responses directly from Burp, some extra magic included.
  ☆13Oct 15, 2021Updated 4 years ago
• xssdoctor / ai_subdomain

  View on GitHub
  generates unique subdomain names and runs httpx on them
  ☆17Apr 8, 2024Updated last year
• emirkmo / xz-backdoor-github

  View on GitHub
  History of commits related to the xz backdoor Discovered On March 29, 2024: CVE-2024-3094.
  ☆10Apr 1, 2024Updated last year
• eversinc33 / SharpStartWebclient

  View on GitHub
  Programmatically start WebClient from an unprivileged session to enable that juicy privesc.
  ☆78Feb 8, 2023Updated 3 years ago
• kajalNair / OSWE-Prep

  View on GitHub
  An OSWE Guide
  ☆124Feb 18, 2021Updated 5 years ago
• Th3l0newolf / Interview-Questions

  View on GitHub
  Real Cyber Security Interview Questions for Various Job Roles
  ☆60May 21, 2022Updated 3 years ago
• proditis / bugbounty-cicd

  View on GitHub
  A set of Gitlab pipelines and Github workflows to automate and ease on BugBounty and Penetration Testing engagements
  ☆28Dec 18, 2022Updated 3 years ago
• IamAlch3mist / Awesome-Android-Vulnerability-Research

  View on GitHub
  ☆50Feb 14, 2026Updated 2 weeks ago
• d3lb3 / KeePass-the-Hash

  View on GitHub
  A script that greps composite key-like strings from a KeePassXC process dump, then uses a customized version of pykeepass library to unlo…
  ☆33Nov 12, 2022Updated 3 years ago
• egrullon / Wounty

  View on GitHub
  Wounty is a simple web enumeration script that makes use of other popular tools to automate the early stages of recognition in Bug Bounty…
  ☆14Feb 6, 2022Updated 4 years ago
• LuffySec / Automation-JS-Recon

  View on GitHub
  This tools used for Automating finding of subdomain, and checking for alive subdomain, and gathering js files from all the subdomain and …
  ☆22Jun 28, 2024Updated last year
• gosirys / WebSecurity-ITA-2009

  View on GitHub
  A training course on Web Security, Exploit Development and Source Code Auditing from 2009.
  ☆12Feb 15, 2022Updated 4 years ago
• Bytenull00 / SMB_Rotate

  View on GitHub
  A stealthy, fast and easy tool to spray Active Directory credentials and bypass AD credential spraying controls.
  ☆13Oct 13, 2022Updated 3 years ago
• lucas-santoni / sqli-platform

  View on GitHub
  Training for SQL injections
  ☆36Feb 3, 2019Updated 7 years ago
• aristosMiliaressis / js-analysis-tools

  View on GitHub
  A collection of js analysis tools & scripts.
  ☆19Updated this week
• theblackcat102 / awesome-code-obfuscation

  View on GitHub
  Collections of code obfuscation libaries for different languages ( in progress )
  ☆15Mar 18, 2023Updated 2 years ago
• Busirus / PyQt5-RansomwareBuilder

  View on GitHub
  Introducing the Ransomware Builder – an educational tool with a sleek, modern GUI that makes it easy for anyone to create their own ranso…
  ☆18Aug 4, 2024Updated last year
• OWASP / www-project-code-review-guide

  View on GitHub
  OWASP Code Review Guide Web Repository
  ☆148Jun 22, 2022Updated 3 years ago
• mrrootsec / AssetViz

  View on GitHub
  AssetViz simplifies the visualization of subdomains from input files, presenting them as a coherent mind map. Ideal for penetration test…
  ☆37Feb 15, 2026Updated 2 weeks ago
• DarkWolf-Labs / playbooks

  View on GitHub
  External Playbooks for Public Access
  ☆41Jan 31, 2025Updated last year
• Ayrx / frida-scripts

  View on GitHub
  Yet another collection of Frida scripts.
  ☆21Mar 6, 2022Updated 3 years ago
• manaver / codeGame

  View on GitHub
  ☆15Apr 5, 2023Updated 2 years ago
• caioluders / WBH

  View on GitHub
  Create subdomains and files wordlists from your browser history
  ☆13Jan 10, 2023Updated 3 years ago
• pdstat / graphqlextractor

  View on GitHub
  Extract GraphQL operations from javascript
  ☆23Nov 27, 2025Updated 3 months ago
• computer-engineer / WhiteboxPentest

  View on GitHub
  Whitebox source code review cheatsheet (Based on AWAE syllabus)
  ☆170Feb 16, 2022Updated 4 years ago