A starter secure code review checklist
☆184Nov 26, 2018Updated 7 years ago
Alternatives and similar repositories for secure-code-review-checklist
Users that are interested in secure-code-review-checklist are comparing it to the libraries listed below.
- ☆195Feb 26, 2023Updated 3 years ago
- My personal collection of resources (mostly tools and training materials) for source code security audits.☆107Aug 20, 2024Updated last year
- Regex patterns for manual application source code review☆33Dec 14, 2020Updated 5 years ago
- Megagrep helps beginning a code review by searching for keywords in the code using "grep". It does not search for vulnerabilities directl…☆15Aug 8, 2022Updated 3 years ago
- Automatic tool for crawling code to find low-hanging fruit vulnerabilities - Based on OWASP Secure Code Review Guide☆21Aug 31, 2020Updated 5 years ago
- OWASP Web Application Security Testing Checklist☆2,124Aug 18, 2022Updated 3 years ago
- GetSimple CMS Custom JS Plugin Exploit RCE Chain☆11Mar 8, 2023Updated 3 years ago
- Labs from our workshop "Demystifying the server-side".☆17May 30, 2022Updated 3 years ago
- This will assist you in the finding of potentially vulnerable PHP code. Each type of grep command is categorized in the type of vulnerabi…☆364Mar 6, 2025Updated last year
- my nuclei templates #new☆10Jun 24, 2024Updated last year
- ☆16Apr 21, 2021Updated 5 years ago
- Perl wrapper for the capstone library☆14Mar 7, 2017Updated 9 years ago
- This repository will serve as the "master" repo containing all trainings and tutorials done in preparation for OSWE in conjunction with t…☆938Jan 6, 2025Updated last year
- Basic c2-matrix analysis environment using Suricata + Wazuh + Elastic stack☆13Apr 18, 2020Updated 6 years ago
- OSWE Preparation☆672Jul 25, 2022Updated 3 years ago
- Zed Attack Proxy Scripts for finding CVEs and Secrets.☆127Jun 2, 2022Updated 3 years ago
- Some of the questions which I was asked when I was giving interviews for Application/Product Security roles. I am sure this is not an exh…☆683Aug 7, 2020Updated 5 years ago
- The Secure Coding Dojo is a platform for delivering secure coding knowledge.☆599Nov 23, 2025Updated 5 months ago
- An actively maintained, Self curated notes related to android application security for security professionals, bugbounty hunters, pentes…☆226Aug 26, 2021Updated 4 years ago
- Learning source code review, spot vulnerability, find some ways how to fix it.☆30Nov 17, 2022Updated 3 years ago
- Repo containing my personal walkthroughs of PMAT Labs i.e. PMAT Malware Samples.☆44Mar 23, 2022Updated 4 years ago
- Bug Bounty Program Discovery tool, that discovers bug Bounty Program via security.txt file by default and you can use custom dork☆16Jul 17, 2022Updated 3 years ago
- An OSWE Guide☆125Feb 18, 2021Updated 5 years ago
- BurpSuite - BurpBounty Profiles☆20Feb 10, 2023Updated 3 years ago
- grep rough audit - source code auditing tool☆1,687Dec 19, 2025Updated 4 months ago
- jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert()…☆11Apr 9, 2021Updated 5 years ago
- A list of threat sinks used in the manual security source code review for application security☆76May 9, 2023Updated 2 years ago
- ☆21Dec 15, 2020Updated 5 years ago
- A minimal Express boilerplate with passport user authentication, mongoose and some security setup configured☆17Jul 15, 2019Updated 6 years ago
- Most of the Google Acquisitions for Bug Bounty Hunter.☆65Sep 3, 2022Updated 3 years ago
- Bug Bounty & Other Stuff☆58Dec 16, 2021Updated 4 years ago
- ☆138Jul 9, 2021Updated 4 years ago
- Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki☆212Oct 31, 2024Updated last year
- Collection of all the resources published by Payatu.☆11Aug 11, 2025Updated 8 months ago
- Example of a vulnerable NodeJS+Express+MySQL service☆20Jan 17, 2023Updated 3 years ago
- ☆12Feb 18, 2022Updated 4 years ago
- ☆431Feb 2, 2022Updated 4 years ago
- DEF CON 26 Workshop - Attacking & Auditing Docker Containers Using Open Source☆108Nov 18, 2019Updated 6 years ago
- Detects request smuggling via HTTP/2 downgrades.☆94Jul 30, 2022Updated 3 years ago