sudoninja book

Link

https://owasp.org/www-pdf-archive/OWASP_Code_Review_Guide_v2.pdf
https://owasp.org/www-pdf-archive/OWASP_Code_Review_Guide-V1_1.pdf
https://www.youtube.com/watch?v=fb-t3WWHsMQ
https://www.youtube.com/watch?v=kpf3UkMc5Y4
https://www.youtube.com/watch?v=FrvUvaPuNbw
https://github.com/OWASP/www-project-code-review-guide
https://medium.com/@paul_io/security-code-review-101-a3c593dc6854
https://paper.bobylive.com/Security/Code_Review_Guide_Pre-AlphaV2_%281%29.pdf
https://www.michaelagreiler.com/security-code-review-checklist/
https://www.atlassian.com/blog/add-ons/code-review-best-practices
https://scottlilly.com/code-review-mind-map/
https://www.xmind.app/m/pfdk/
http://tomek.kaczanowscy.pl/2012/08/code-reviews-mindmap/
https://pentestbook.six2dez.com/others/code-review
https://www.reddit.com/r/java/comments/y76qr/code_reviews_mindmap/
http://apps.testinsane.com/mindmaps/important-webapp-secure-code-review-assessment-keywords
https://blogs.oracle.com/javamagazine/post/mind-mapping-your-way-to-better-code
https://smartbear.com/blog/2012/mind-mapping-for-successful-software-development/?lang=de-de
https://www.schellman.com/blog/using-mind-maps-application-security-testing
https://www.youtube.com/watch?v=5FjeFDee8n0&list=PLRLebp9QyZtZvCoRZZgKialqFuZoFsuOg
https://www.youtube.com/watch?v=MWowAVwyt_4&list=PLBSp46ITmqYPTJv_RZcXE-YzvW5tR7Ah2
https://www.youtube.com/watch?v=AGXSjFEraQU&list=PLtIwqZV0BtaiFQiE9C4flNpXhnVu1s7je

Last updated 2 years ago
