OWASP / www-project-code-review-guide

Licence: CC-BY-SA-4.0
OWASP Code Review Guide Web Repository

Programming Languages: HTML, SCSS, Ruby

OWASP Secure Code Review Guide

Welcome to the official repository for the Secure Code Review Guide. The Secure Code Review Guide is a comprehensive guide that aids software developers in reviewing code for security vulnerabilities and security bugs.

We are currently working on a new release (3.0), and our project is open for contributions. Have a look at the discussion folder to see how the project is shaping up and read about the roadmap and vision.

You can find the previous Code Review Guide 2.0 here.

How to contribute

Work on the new release of the Secure Code Review Guide has just started, so it's a fantastic time to join us and help shape the latest version. We welcome your contributions, whether you have a lot of experience in software engineering, security, or IT, or only a little. We are happy to help you get started. Similarly, whether you have a lot of time on your hands or just a little, there are plenty of opportunities to help with this project.

Here are a few ways you can help:

  • Please help us fix any spelling mistakes or grammatical errors in the current draft.
  • The code review guide is only available in English, but it would be great if you could help translate it to another language.
  • We have a list of open issues from which you can pick one to work on and submit a pull request. If you need help with getting started, please get in touch.
  • Finally, if you have an excellent idea for improving the code review guide, you can also open a new issue yourself.

Get in touch

You can find us on Slack:

  1. Join the OWASP Group Slack with this invitation link.
  2. Join this project's channel #project-secure-code-review-guide

Feel free to ask questions, suggest ideas, or share your best recipes.