Category:OWASP Code Review Project

Click here to return to OWASP Projects page. Click here to see (& edit, if wanted) the template.

Contents
OWASP Code Review Guide Table of Contents

Code review guide to be part of Summer of Code 2008
The OWASP code review guide is to given the go-ahead for the summer of code 2008. This shall enable the authors to further expand and refine the guide. Volunteers welcome for SoC 2008

Code Review Guide (RC2) Completed
The code review guide has been completed and is available here: http://www.lulu.com/content/1415989 Either as a free PDF or a bound book.

Code review tool
The following link is for the new version of Code Crawler,code review tool which examines code for keywords discussed in the section "First sweep of the code base" It has a new look and feel and also uses MS SQL Server express.

you can find it here:

http://www.cyphersec.com/software_archive/CodeCrawler.rar It's a lightweight tool and undergoing constant development.

Source code can be found here: http://www.cyphersec.com/software_archive/CodeCrawler_source.rar

Owasp Orizon Code review engine
The Owasp Orizon Project is born in 2006 to provide a set of APIs to provide an opensource engine to provide static analysis services to developers that wants to build a code review tool.

The Owasp Orizon will evolve accordingly in order to implement security checks described in the Code Review Guide. With the framework a UI is also provided in order to give people a standalone tool to realize code review for the security flaws listed in the "The Owasp Code Review Top 10 flaw categories"

The Owasp Orizon main page is available here: http://www.owasp.org/index.php/Category:OWASP_Orizon_Project

Source code is hosted at Sourceforge.net site: http://orizon.sourceforge.net

Spring Of Code 2007
The Code review guide is proudly sponsored by the OWASP Spring of Code (SpOC) 2007. For more information please see http://www.owasp.org/index.php/OWASP_Spring_Of_Code_2007

Project Contributors
The OWASP Code Review project was conceived by Eoin Keary the OWASP Ireland Founder and Chapter Lead. We are actively seeking techies to add new sections as new web technologies emerge. If you are interested in volunteering for the project, or have a comment, question, or suggestion, please drop me a line mailto:eoin.keary@owasp.org

Volunteers Needed
Yes please, drop me a line. Need help on this one, don't be shy, all help appreciated

Subscribe to the list
Go here to subscribe to the maillist.

http://lists.owasp.org/mailman/listinfo/owasp-codereview

Roadmap
View the OWASP Code Review Project Roadmap