[Owasp-leaders] Code Review Guide Project 2.0 - Reviewing by Technical Control

Larry Conklin larry.conklin at owasp.org
Wed Oct 2 02:47:33 UTC 2013

Hi Everyone. Authors, we need to get some content started for the Reviewing
by Technical Control section of our Code Review Guide book. I have listed
below content sections with authors' names that have no content. Authors, if
you can't complete the section you have signed up for, please remove your name in
the TOC (
Others, please don't feel that only one author "owns" a content section;
remember, this is a community project.

Also we still have sections open with no authors assigned. Any
volunteers??? This is a great project to be part of. Code Review Guide is
an OWASP flagship project.


Remember, write often, write in the wiki, have fun!!!

Larry Conklin

*Reviewing by Technical Control*

*Reviewing code for Authentication controls*

Author - Anand Prakash, Joan Renchie


*Checking authz upon every request*

Author - Abbas Naderi, Joan Renchie

*Reducing the attack surface, previous version to be updated*

Author - Chris Berberich

*Reviewing code for Session handling, previous version to be updated*

Author - Palak Gohil, Abbas Naderi


Author - Abbas Naderi


Author - Abbas Naderi

*HTML 5?*

Author - Sebastien Gioria

*Regex Gotchas*

Author - Abbas Naderi


*Reviewing code for contextual encoding*

*HTML Attribute*

Author - Shenai Silva

*HTML Entity*

Author - Shenai Silva


Author - Abbas Naderi

*Resource Exhaustion - error handling*

Author - Abbas Naderi

*Native calls*

Author - Abbas Naderi

*Review for active defense*

Author - Colin Watson

*Reviewing Secure Storage*

Author - Azzeddine Ramrami

*Reviewing by Technical Control  - Open need authors…*

*Out of Band considerations, previous version to be updated*

Author – Open

*Reviewing client side code, New Section*

Author – Open

*Browser Defenses policy*

Author - Open

*Review code for input validation*

Author – Open


Author – Open

*Content Security Policy*

Author – Open

*Javascript Parameters*

Author – Open

*Reviewing file and resource handling code*

Author – Open

*Reviewing Security alerts*

Author – Open
