A starter secure code review checklist
☆184Nov 26, 2018Updated 7 years ago
Alternatives and similar repositories for secure-code-review-checklist
Users that are interested in secure-code-review-checklist are comparing it to the libraries listed below.
- ☆195Feb 26, 2023Updated 3 years ago
- My personal collection of resources (mostly tools and training materials) for source code security audits.☆106Aug 20, 2024Updated last year
- Regex patterns for manual application source code review☆33Dec 14, 2020Updated 5 years ago
- Megagrep helps beginning a code review by searching for keywords in the code using "grep". It does not search for vulnerabilities directl…☆15Aug 8, 2022Updated 3 years ago
- Automatic tool used for crawling code to find low-hanging fruit vulnerabilities - Based on OWASP Secure Code Review Guide☆21Aug 31, 2020Updated 5 years ago
- OWASP Web Application Security Testing Checklist☆2,118Aug 18, 2022Updated 3 years ago
- GetSimple CMS Custom JS Plugin Exploit RCE Chain☆11Mar 8, 2023Updated 3 years ago
- Labs from our workshop "Demystifying the server-side".☆17May 30, 2022Updated 3 years ago
- This will assist you in the finding of potentially vulnerable PHP code. Each type of grep command is categorized in the type of vulnerabi…☆364Mar 6, 2025Updated last year
- my nuclei templates #new☆10Jun 24, 2024Updated last year
- Perl wrapper for the capstone library☆13Mar 7, 2017Updated 9 years ago
- This repository will serve as the "master" repo containing all trainings and tutorials done in preparation for OSWE in conjunction with t…☆934Jan 6, 2025Updated last year
- Basic c2-matrix analysis environment using Suricata + Wazuh + Elastic stack☆12Apr 18, 2020Updated 5 years ago
- OSWE Preparation☆670Jul 25, 2022Updated 3 years ago
- Zed Attack Proxy Scripts for finding CVEs and Secrets.☆128Jun 2, 2022Updated 3 years ago
- Some of the questions which I was asked when I was giving interviews for Application/Product Security roles. I am sure this is not an exh…☆681Aug 7, 2020Updated 5 years ago
- The Secure Coding Dojo is a platform for delivering secure coding knowledge.☆596Nov 23, 2025Updated 4 months ago
- An actively maintained, Self curated notes related to android application security for security professionals, bugbounty hunters, pentes…☆225Aug 26, 2021Updated 4 years ago
- Learning source code review, spot vulnerability, find some ways how to fix it.☆30Nov 17, 2022Updated 3 years ago
- Repo containing my personal walkthroughs of PMAT Labs i.e. PMAT Malware Samples.☆44Mar 23, 2022Updated 4 years ago
- Bug Bounty Program Discovery tool, that discovers bug Bounty Program via security.txt file by default and you can use custom dork☆16Jul 17, 2022Updated 3 years ago
- An OSWE Guide☆124Feb 18, 2021Updated 5 years ago
- BurpSuite - BurpBounty Profiles☆20Feb 10, 2023Updated 3 years ago
- grep rough audit - source code auditing tool☆1,685Dec 19, 2025Updated 3 months ago
- jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert()…☆11Apr 9, 2021Updated 5 years ago
- List of all the Publicly disclosed vulnerabilities of Public Cloud Provider like Amazon Web Services (AWS), Microsoft Azure, Google Cloud…☆372May 4, 2023Updated 2 years ago
- A list of threat sinks used in the manual security source code review for application security☆76May 9, 2023Updated 2 years ago
- ☆21Dec 15, 2020Updated 5 years ago
- Most of the Google Acquisitions for Bug Bounty Hunter.☆65Sep 3, 2022Updated 3 years ago
- Bug Bounty & Other Stuff☆58Dec 16, 2021Updated 4 years ago
- ☆137Jul 9, 2021Updated 4 years ago
- Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki☆212Oct 31, 2024Updated last year
- Collection of all the resources published by Payatu.☆11Aug 11, 2025Updated 7 months ago
- Example of a vulnerable NodeJS+Express+MySQL service☆20Jan 17, 2023Updated 3 years ago
- ☆12Feb 18, 2022Updated 4 years ago
- ☆432Feb 2, 2022Updated 4 years ago
- DEF CON 26 Workshop - Attacking & Auditing Docker Containers Using Open Source☆108Nov 18, 2019Updated 6 years ago
- Detects request smuggling via HTTP/2 downgrades.☆94Jul 30, 2022Updated 3 years ago
- Whitebox source code review cheatsheet (Based on AWAE syllabus)☆169Feb 16, 2022Updated 4 years ago