Source Code Review Resources

WIP

programming_and_scripting_for_cybersecurity/getting_started_code_review.md

@@ -0,0 +1,39 @@
+# Getting Started to Perform Security Code Reviews
+The following are several resources that will help you get started on how to perform code reviews to find security bugs/vulnerabilities.
+
+**TIP:** 
+- Don't feel that you have to learn everything at once. Start by learning a framework, basics of a programming language, etc. 
+- After you learn the first one, the others will be easier to learn. 
+- For web security, gaining an understanding on how modern web frameworks work is one of the most important things. 
+- Do it side-by-side. Learn how to code and doing code review. It might seem overwhelming at first but it becomes better after you start understanding the code.
+
+
+## Resources for Learning Different Programming languages:
+
+- Learn Javascript: https://youtube.com/watch?v=PkZNo7MFNFg
+- Learn PHP: https://youtube.com/watch?v=OK_JCtrrv-c
+- Learn NodeJS: https://youtube.com/watch?v=RLtyhwFtXQA
+- Learn Django: https://youtube.com/watch?v=F5mRW0jo-U4
+- Learn Ruby on Rails: https://youtube.com/watch?v=fmyvWz5TUWg
+
+
+## Presentations and videos on code review:
+
+- https://youtube.com/watch?v=kpf3UkMc5Y4
+- https://youtube.com/watch?v=f6UOBCJ9pjw
+- https://youtube.com/watch?v=fb-t3WWHsMQ
+- https://youtube.com/watch?v=A8CNysN-lOM
+- https://youtube.com/watch?v=rAwxFw25x3E
+- https://youtube.com/watch?v=89rSpNBtVWE
+
+
+## Vulnerable codes to play around with:
+
+- https://github.com/xuezzou/Vulnerable-nodejs
+- https://github.com/cr0hn/vulnerable-node
+- https://github.com/SasanLabs/VulnerableApp-php
+- https://github.com/redpointsec/vtm
+- https://github.com/TROUBLE-1/White-box-pentesting
+- https://github.com/computer-engineer/WhiteboxPentest
+- https://owasp.org/SecureCodingDojo/codereview101/
+- https://github.com/search?q=org%3AShiftLeftSecurity+vulnerable&type=all