Agnitio 2.1 发布,安全代码审查工具

发布于 2011年10月25日
收藏 3



  • Windows x64 support (thanks to Steven van der Baan).
  • Decompile Android .apk files so you can analyse the source code and AndroidManifest.xml file. This uses tools like JAD so you will need to have Java installed on your machine to decompile the Android .apk files.
  • C# and Java rules from the OWASP Code Crawler tool imported into the Agnitio database and linked to the relevant checklist questions.
  • New checklist items for mobile application security code reviews. These checklist items were created to address items in the OWASP top 10 mobile risks project that weren’t covered by existing checklist items.
  • Application profiles can now be configured as either “Web” or “Mobile”. This will determine which checklist items from the database are used to create the checklist for the application being reviewed.
  • Create new checklist items. You will be able configure the relevant principle of secure development for the new checklist item as well as deciding whether this is a question for “Web”, “Mobile” or “Both”types of applications.
  • Modify existing checklist items. This was supposed to be included in v2.0 but a last minute changes made broke this functionality. You can now modify the text, the principle and type columns for questions in the checklist database.
  • Only one answer allowed per checklist item (thanks to Steven van der Baan).
  • Fixed a bug on the security code review tab where checklist items with no answers are highlighted in red and never “un-highlighted” (thanks to Steven van der Baan).
  • Added a language checkbox for Objective-C on the profile creation and view profile tabs.
  • Checklists are now sorted by principle and not by the question number.
转载请注明:文章转载自 OSCHINA 社区 []
本文标题:Agnitio 2.1 发布,安全代码审查工具