Bug Bounty for Beginners - Reference Little Book

Code Review and SAST

Where to find resources about Code Review and SAST?

  1. OWASP Code Review Project: The OWASP Code Review Project provides a comprehensive guide to code review, including best practices, methodologies, and tools.

  2. Secure Code Warrior: Secure Code Warrior is an online platform that provides training and assessment on secure coding practices, including code review and SAST.

  3. SANS Institute: The SANS Institute offers several courses on software security, including code review and SAST, taught by experienced security professionals.

  4. Udemy: Udemy is an online learning platform that offers a variety of courses on software security, including code review and SAST.

  5. Coursera: Coursera is another online learning platform that offers courses on software security, including code review and SAST.

  6. Pluralsight: Pluralsight is an online learning platform that offers courses on software security, including code review and SAST.

  7. Code Review Checklist: The Code Review Checklist is a comprehensive list of items to consider when reviewing code for security vulnerabilities, including best practices and guidelines for SAST.


Last updated 2 years ago
