Pentest Book
  • /home/six2dez/.pentest-book
  • Contribute/Donate
  • Recon
    • Public info gathering
    • Root domains
    • Subdomain Enum
      • Subdomain Takeover
    • Webs recon
    • Network Scanning
    • Host Scanning
    • Packet Scanning
  • Enumeration
    • Files
    • SSL/TLS
    • Ports
    • Web Attacks
      • General Info
      • Quick tricks
      • Header injections
      • Bruteforcing
      • Online hashes cracked
      • Crawl/Fuzz
      • LFI/RFI
      • File upload
      • SQLi
      • SSRF
      • Open redirects
      • XSS
      • CSP
      • XXE
      • Cookie Padding
      • Webshells
      • CORS
      • CSRF
      • Web Cache Poisoning
      • Broken Links
      • Clickjacking
      • HTTP Request Smuggling
      • Web Sockets
      • CRLF
      • IDOR
      • Web Cache Deception
      • Session fixation
      • Email attacks
      • Pastejacking
      • HTTP Parameter pollution
      • SSTI
      • Prototype Pollution
      • Command Injection
      • Deserialization
      • DNS rebinding
    • Web Technologies
      • APIs
      • JS
      • ASP.NET
      • JWT
      • GitHub
      • GitLab
      • WAFs
      • Firebird
      • Wordpress
      • WebDav
      • Joomla
      • Jenkins
      • IIS
      • VHosts
      • Firebase
      • OWA
      • OAuth
      • Flask
      • Symfony && Twig
      • Drupal
      • NoSQL (MongoDB, CouchDB)
      • PHP
      • RoR (Ruby on Rails)
      • JBoss - Java Deserialization
      • OneLogin - SAML Login
      • Flash SWF
      • Nginx
      • Python
      • Tomcat
      • Adobe AEM
      • Magento
      • SAP
      • MFA/2FA
      • GWT
      • Jira
      • OIDC (Open ID Connect)
      • ELK
      • Sharepoint
      • Others
    • Cloud
      • General
      • Cloud Info Gathering
      • AWS
      • Azure
      • GCP
      • Docker && Kubernetes
      • CDN - Comain Fronting
  • Exploitation
    • Payloads
    • Reverse Shells
    • File transfer
  • Post Exploitation
    • Linux
    • Pivoting
    • Windows
      • AD
        • Kerberos
      • PS tips & tricks
  • Mobile
    • General
    • Android
    • iOS
  • Others
    • Burp Suite
    • Password cracking
    • VirtualBox
    • LLM/AI/ML/prompt testing
    • Code review
    • Pentesting Web checklist
    • Internal Pentest
    • Web fuzzers review
    • Recon suites review
    • Subdomain tools review
    • Random
    • Master assessment mindmaps
    • BugBounty
    • Exploiting
    • tools everywhere
Powered by GitBook
On this page
  • General
  • JavaScript
  • NodeJS
  • Electron
  • Python
  • .NET
  • PHP
  • C/C++
  • Java

Was this helpful?

Edit on GitHub
Export as PDF
  1. Others

Code review

PreviousLLM/AI/ML/prompt testingNextPentesting Web checklist

Last updated 2 months ago

Was this helpful?

General

# Guidelines
https://rules.sonarsource.com/

# Resource
https://vladtoie.gitbook.io/secure-coding/

# Tools
https://www.sonarqube.org/downloads/
https://deepsource.io/signup/
https://github.com/pyupio/safety
https://github.com/returntocorp/semgrep
https://github.com/WhaleShark-Team/cobra
https://github.com/mhaskar/Bughound

# Find interesting strings
https://github.com/s0md3v/hardcodes
https://github.com/micha3lb3n/SourceWolf
https://libraries.io/pypi/detect-secrets

# Tips
1.Important functions first
2.Follow user input
3.Hardcoded secrets and credentials
4.Use of dangerous functions and outdated dependencies
5.Developer comments, hidden debug functionalities, configuration files, and the .git directory
6.Hidden paths, deprecated endpoints, and endpoints in development
7.Weak cryptography or hashing algorithms
8.Missing security checks on user input and regex strength
9.Missing cookie flags
10.Unexpected behavior, conditionals, unnecessarily complex and verbose functions

JavaScript

https://jshint.com/
https://github.com/jshint/jshint/

NodeJS

https://github.com/ajinabraham/nodejsscan

Electron

https://github.com/doyensec/electronegativity
https://github.com/doyensec/awesome-electronjs-hacking

Python

# bandit
https://github.com/PyCQA/bandit
# pyt
https://github.com/python-security/pyt
# atheris
https://github.com/google/atheris
# aura
https://github.com/SourceCode-AI/aura

.NET

# dnSpy
https://github.com/0xd4d/dnSpy

# .NET compilation
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe test.cs

# Cheatsheet
https://www.c-sharpcorner.com/UploadFile/ajyadav123/net-penetration-testing-cheat-sheet/

PHP

# phpvuln
https://github.com/ecriminal/phpvuln

C/C++

# flawfinder
https://github.com/david-a-wheeler/flawfinder

Java

# JD-Gui
https://github.com/java-decompiler/jd-gui

# Java compilation step-by-step
javac -source 1.8 -target 1.8 test.java
mkdir META-INF
echo "Main-Class: test" > META-INF/MANIFEST.MF
jar cmvf META-INF/MANIFEST.MF test.jar test.class

Task

Command

Execute Jar

java -jar [jar]

Unzip Jar

unzip -d [output directory] [jar]

Create Jar

jar -cmf META-INF/MANIFEST.MF [output jar] *

Base64 SHA256

sha256sum [file] | cut -d' ' -f1 | xxd -r -p | base64

Remove Signing

rm META-INF/.SF META-INF/.RSA META-INF/*.DSA

Delete from Jar

zip -d [jar] [file to remove]

Decompile class

procyon -o . [path to class]

Decompile Jar

procyon -jar [jar] -o [output directory]

Compile class

javac [path to .java file]

A Pentester's Guide to Source Code ReviewCobalt
Logo