OWASP Code Crawler v2.5 released
A tool aimed at assisting code review practitioners. It is a static code review tool which searches for key topics within .NET and J2EE/JAVA code. The aim of the tool is to accompany the OWASP Code review Guide and to implement a total code review solution for "everyone".
Changelog :
Code Crawler Editor
- Find (CTRL+F)
- Mark Findings
- Select All (CTRL+A)
- Copy as RTF (sweet)
- CodeFolding
- SyntaxHighlight
- BracketMatching
- Unlimited Undo/Redo buffer
- Bookmarks
- Go to line (CTRL+G)
- Replace
- Breakpoints
Single Scan Form
- New User Interface
- STRIDE Classification
- Direct links to MSDN, Google
- Shortcuts to Notepad, Calc
- Threats Count
- Printing
- RTF Report
Visual Studio .NET (for VS 2005 - 2008)
- Supports ONLY C# Project files (*.csjpro)
- Bigger fonts
Mainform
- New User Interface
- Links to OWASP content
- WASC Threat Classification 2.0
- Removed OWASP Browser
- Removed Network Scan
- Removed Reporting Frame
Database
- 286 Keywords (Tripurai Rai)
- Multi STRIDE Schema (Tripurai Rai)
- Refactoring (Tripurai Rai)
Utilities
- ASP.NET ViewState Decoder
- DREAD Calculator
Currently supports
- .NET (specifically C#)
- Java
Requirements
- .NET Framework 3.5 (Service Pack 1)
- Visual Studio 2008
- Windows Platform
Please note that OWASP Code Crawler requires Microsoft .NET Framework 3.5 in order to run.
For more information about this tool, see the Official Web
Post scriptum
Compliance Mandates
|