This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Category:OWASP Code Review Project"
Line 2: | Line 2: | ||
− | == Code Review Guide ( | + | ==Code review guide to be sponsored for Summer of Code 2008== |
+ | The OWASP code review guide is to be sponsored for the summer of code 2008. This shall enable the authors to further expand and refine the guide.<br> | ||
+ | Volunteers welcome for SoC 2008 | ||
+ | |||
+ | |||
+ | == Code Review Guide (RC2) Completed == | ||
The code review guide has been completed and is available here: | The code review guide has been completed and is available here: | ||
http://www.lulu.com/content/1415989 | http://www.lulu.com/content/1415989 |
Revision as of 09:33, 14 April 2008
This project has produced a book that can be downloaded or purchased. Feel free to browse the full catalog of available OWASP books. |
Code review guide to be sponsored for Summer of Code 2008
The OWASP code review guide is to be sponsored for the summer of code 2008. This shall enable the authors to further expand and refine the guide.
Volunteers welcome for SoC 2008
Code Review Guide (RC2) Completed
The code review guide has been completed and is available here: http://www.lulu.com/content/1415989 Either as a free PDF or a bound book.
Code review tool
The following link is for the new version of Code Crawler,code review tool which examines code for keywords discussed in the section "First sweep of the code base"
It has a new look and feel and also uses MS SQL Server express.
you can find it here:
http://www.cyphersec.com/software_archive/CodeCrawler.rar It's a lightweight tool and undergoing constant development.
Source code can be found here: http://www.cyphersec.com/software_archive/CodeCrawler_source.rar
Spring Of Code 2007
The Code review guide is proudly sponsored by the OWASP Spring of Code (SpOC) 2007. For more information please see http://www.owasp.org/index.php/OWASP_Spring_Of_Code_2007
Project Contributors
The OWASP Code Review project was concieved by Eoin Keary the OWASP Ireland Founder and Chapter Lead. We are actively seeking techies to add new sections as new web technologies emerge. If you are interested in volunteering for the project, or have a comment, question, or suggestion, please drop me a line mailto:[email protected]
Volunteers Needed
Yes please, drop me a line. Need help on this one, don't be shy, all help appreciated
Subscribe to the list
Go here to subscribe to the maillist.
http://lists.owasp.org/mailman/listinfo/owasp-codereview
Contents
OWASP Code Review Guide Table of Contents
Roadmap
View the OWASP Code Review Project Roadmap
Pages in category "OWASP Code Review Project"
The following 69 pages are in this category, out of 69 total.
C
- Classic ASP Design Mistakes
- Code Review Guide Foreword
- Code Review Guide Frontispiece
- Code Review Introduction
- Code Review Metrics
- Code Review Preparation
- Code Reviews and Compliance
- Codereview-Authentication
- Codereview-Authorization
- Codereview-Cryptography
- Codereview-Deployment
- Codereview-Error-Handling
- Codereview-Input Validation
- Codereview-Session-Management
- Crawling Code
- CRV2 ErrorHandlingMessages
- CRV2 MetricsCodeRev
- CRV2 PrepContext
- CRV2 SQLInjPHP
O
R
- Reasons for using automated tools
- References
- Reviewing Code for Authentication
- Reviewing Code for Authorization Issues
- Reviewing Code for Buffer Overruns and Overflows
- Reviewing code for Cross-Site Request Forgery issues
- Reviewing Code for Cross-site scripting
- Reviewing Code for Data Validation
- Reviewing Code for Error Handling
- Reviewing Code for Logging Issues
- Reviewing Code for OS Injection
- Reviewing Code for Race Conditions
- Reviewing Code for Session Integrity issues
- Reviewing Code for SQL Injection
- Reviewing Flash Applications
- Reviewing MySQL Security
- Reviewing The Secure Code Environment
- Reviewing Web Services