<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Code-Review on Elliot Belt</title><link>https://felixbillieres.github.io/tags/code-review/</link><description>Recent content in Code-Review on Elliot Belt</description><generator>Hugo -- gohugo.io</generator><language>en</language><managingEditor>felix.billieres@ecole2600.com (Elliot Belt)</managingEditor><webMaster>felix.billieres@ecole2600.com (Elliot Belt)</webMaster><copyright>© 2026 Elliot Belt</copyright><lastBuildDate>Wed, 01 Jul 2026 00:00:00 +0000</lastBuildDate><atom:link href="https://felixbillieres.github.io/tags/code-review/index.xml" rel="self" type="application/rss+xml"/><item><title>Reading Code for Vulnerabilities: What Actually Worked for Me</title><link>https://felixbillieres.github.io/posts/code-review-security-methodology/</link><pubDate>Wed, 01 Jul 2026 00:00:00 +0000</pubDate><author>felix.billieres@ecole2600.com (Elliot Belt)</author><guid>https://felixbillieres.github.io/posts/code-review-security-methodology/</guid><description>I wanted to get better at reading code for security issues. Not just knowing vulnerability names, but being able to sit down in front of an unfamiliar codebase and find things systematically. This is what I tried, what worked, and the mental model I ended up building around taint analysis. Python-first, but the approach transfers.</description><media:content xmlns:media="http://search.yahoo.com/mrss/" url="https://felixbillieres.github.io/posts/code-review-security-methodology/featured.png"/></item></channel></rss>