Getting started
Before we dive into why, it's worth mentioning that this section covers code review with the intent of finding security vulnerabilities and weaknesses within web applications, not the typical peer review carried out by development teams. If you're interested in code review in general, this is a good place to start. From now on, we'll be looking at code review to support pentesting and security research activities.
There are many benefits to code review, and it's a skill that takes time to build. The main benefits are:
- Easily spot certain vulnerabilities or weaknesses
  - Hardcoded credentials
  - Weak encryption
  - Insecure libraries or dependencies
- Find hidden or complex vulnerabilities
- Find malicious code (e.g. backdoors)
- Achieve compliance