Burp Suite User Forum

Development Code review Best Practices.

Kabilan | Last updated: Oct 01, 2021 12:03PM UTC

Hi Team,

Please help us to test the development code line by line using the Burp automation tool by adding an extra tool/plugin to the Burp extension or any other method. If source code review is not possible, please suggest another tool in PortSwigger.

Sample example for Development Code Review Best Practices:

1. Database:
- Is the unit testing result provided with the expected functionality output?
- Is sensitive data scrambled in query output (test environment)?
- Is a limited number of temp tables used in places to filter records and join to the next table?
- Is the query creating more rows than expected?
- Generate Actual Execution Plan result attached?
- Is SET NOCOUNT ON for stored procedures performing a lot of updates/deletes/inserts?

2. Web Service:
- Design should consider a generic API which can be consumed from different channels like mobile, iPad or web.
- API request and response format should be in JSON.
- Use RESTful URLs and actions.
- API version should be included in the design of the API.
- Audit log requests should be maintained to track different actions and requested dates.
- System errors should be logged in one separate database table.

Regards,
Kabilan.

Kabilan | Last updated: Oct 04, 2021 06:44AM UTC

Hi Team, Any updates? Regards, Kabilan.

Uthman, PortSwigger Agent | Last updated: Oct 04, 2021 12:32PM UTC
