awesome-source-auditing
github.com/initsecret/awesome-source-auditing ↗A curated list of source auditing resources.
1
GitHub Stars
37
Curated Resources
6
Categories
17 hours ago
Last Refreshed
IntroductionManual ReferenceAutomationPracticeOther Awesome ListsThanks
Use this list with your AI agent
Add the Context Awesome MCP server to Claude, Cursor, or any MCP client, then ask:
"Show me vulnerability lists resources from awesome-source-auditing"
Installation instructions →What's inside
Manual Reference
- 2020 CWE Top 25Vulnerability Lists
- Bugs You'll Probably Only Have in RustVulnerability Lists
- CWE VIEW: Weaknesses in Software Written in CVulnerability Lists
- CWE VIEW: Weaknesses in Software Written in C++Vulnerability Lists
- CWE VIEW: Weaknesses in Software Written in JavaVulnerability Lists
- CWE VIEW: Weaknesses Introduced During DesignVulnerability Lists
Automation
- AddressSanitizerStatic Analysis Tools
- AFLSimple Fuzzers
a standard no-frills fuzzing engine
- clang static analyzerStatic Analysis Tools
easy to use, and might be a good second step after the sanitizers.
- CodeQLAutomated Searching
static analysis tool that is much more powerful than semgrep, but also harder to use.
- cppcheckStatic Analysis Tools
simple static analysis tool for C/C++.
- Creating an LLVM Sanitizer from Hopes and DreamsStatic Analysis Tools
tutorial on how to write a new LLVM sanitizer.
Other Awesome Lists
Practice
- CryptopalsWar Games / CTFs
- exploit.educationWar Games / CTFs
- The EthernautWar Games / CTFs
Introduction
- CTF Field Guide - Auditing Source CodeGuides
this was my first introduction to source auditing, I highly recommend watching the lectures.
- OWASP Code Review GuideGuides
this guide is quite large but it might be helpful to mentally index it and keep the link handy.
Showing a sample of 37 resources. View the full list on GitHub →