Unit tests: Review unit tests first. Unit tests are a fantastic way to grasp how code is meant to be used by others and to learn what the expected behavior is. Are there any test gaps that should be there?
Method arguments" Make sure arguments to methods make sense and are validated. Mentally test boundary conditions and edge cases.
Null References" (Yah yah, we know. Use F# and this goes away. We get it already.) Null references are a bitch and it’s worth looking out for them specifically.
Conventions Consistency" Make sure naming, formatting, etc. follow our conventions and are consistent. I like a codebase that’s fairly consistent so you know what to expect.
Disposables: Make sure disposable things are disposed. Look for usages of resources that should be disposed but are not.
Security: There is a whole threat and mitigation review process that falls under this bucket. In simple terms, ask yourself how this code could be exploited. The STRIDE Threat Model contains a list of potential threats to consider.
C# Library Code
async keyword Review library methods that use the async keyword to see if they actually need it as it can introduce extra uncessary cost. See this gist for an example.
async void methods These are a red flag and should probably return Task. See this post for more information.