B-409, Raj Corner, Opp. Vasupujya Residency,New Pal Road,

Surat, Gujarat

E: [email protected]

P: +91 7984 995 759


1st Floor, DL 124, DL Block, Sector II, Saltlake,

Kolkata, West Bengal 700091

E: [email protected]

P: +91 33 4008 5677

Source Code Review

Source Code Review

Source code security analysis (source code review) is the examination of an application source code to find errors overlooked in the initial development phase. A tester launches a code analyzer that scans line-by-line the code of an application. Once the analyzer, deployed in a testing environment, finds vulnerabilities, the penetration tester manually checks them to eliminate false positives.

The strong point of source code review is the ability to identify the following vulnerabilities:-

  1. Encryption errors. These include weak encryption algorithms, as well as strong encryption algorithms with weak implementation (e.g., insecure key storage).
  2. All cases of SQL injections, XSS (cross-site scripting) vulnerabilities.
  3. Buffer overflows (more data is put into the buffer than it can handle).
  4. Race conditions (performing two or more operations at the same time).