Code Crawler v2.4 Beta - OWASP Code Review Tool

A tool aimed at assisting code review practitioners. It is a static code review tool which searches for key topics within .NET and J2EE/JAVA code. The aim of the tool is to accompany the OWASP Code review Guide and to implement a total code review solution for "everyone".

JPEG - 5.3 kb

Currently supports

  • .NET (specifically C#)
  • Java


  • .NET Framework 3.5 (Service Pack 1)
  • Visual Studio 2008
  • Windows Platform

This is a preliminary release of OWASP Code Crawler. It contains many, but not all, the features we are developing for Code Crawler 2.5. In this release they have added more stability to the Reporting area as well some nice improvements on the source code editor.

Code Crawler 2.5 is planned to be released at the end of this month.

JPEG - 20.4 kb

Please note that OWASP Code Crawler requires Microsoft .NET Framework 3.5 in order to run.

For more information about this tool, see the Official Web

Tool Submitted by Sebastien Gioria (OWASP French Team leader)

Post scriptum

Compliance Mandates

  • Code Auditing :

    PCI/DSS 6.3.6, 6.3.7, 6.6, SOX A12.8, GLBA 16CFR Part 314.4(b) and (2);FISMA RA-5, SC-18, SA-11 SI-2, and ISO 27001/27002 (12.4.1, 12.4.3, 12.5)

  • Vulnerability Scanner :

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2

Related Articles

Code Auditing
Code Crawler
Configurations checks
Vulnerability Scanner