ASVS Code Security Reviewer

Automated security code review based on OWASP ASVS 4.0 standards

Upload a ZIP archive of your source code for comprehensive security analysis

Drop your ZIP file here or click to browse

Upload a ZIP archive containing your source code for security review

Maximum file size: 50MB

What we check:

Authentication & Session

  • • Hardcoded credentials
  • • Weak password requirements
  • • Insecure cookie configuration
  • • Session management issues

Input Validation

  • • SQL injection vulnerabilities
  • • Command injection risks
  • • Path traversal issues
  • • XSS vulnerabilities

Cryptography

  • • Weak algorithms (MD5, SHA1)
  • • Hardcoded encryption keys
  • • Insecure random generation
  • • Cryptographic misuse

Data Protection & API

  • • Sensitive data exposure
  • • Insecure communications
  • • CORS misconfiguration
  • • API security issues

Based on OWASP Application Security Verification Standard (ASVS) 4.0

This tool performs static analysis and may not catch all security issues. Always conduct thorough security testing and code review.