安全代码审查工具 Agnitio 2.1 发布
fmms 13年前
<p>Agnitio是一个安全代码审查工具,可以帮助开发者和专业安全人员以一种一致和可重复得方式进行代码审查。Agnitio的目标是取代安全代码审查过程中人工撰写文档的方式,创建一个审计跟踪和报告。<br /> <span style="font-weight:bold;">项目地址</span>:<a href="/misc/goto?guid=4958195753734038875" target="_blank">http://sourceforge.net/projects/agnitiotool/?_test=beta</a><br /> </p> <p>目前,Agnitio更新至2.1版,新版主要改变:</p> <ul> <li>Windows x64 support (thanks to Steven van der Baan).</li> <li>Decompile Android .apk files so you can analyse the source code and AndroidManifest.xml file. This uses tools like JAD so you will need to have Java installed on your machine to decompile the Android .apk files.</li> <li>C# and Java rules from the OWASP Code Crawler tool imported into the Agnitio database and linked to the relevant checklist questions.</li> <li>New checklist items for mobile application security code reviews. These checklist items were created to address items in the OWASP top 10 mobile risks project that weren’t covered by existing checklist items.</li> <li>Application profiles can now be configured as either “Web” or “Mobile”. This will determine which checklist items from the database are used to create the checklist for the application being reviewed.</li> <li>Create new checklist items. You will be able configure the relevant principle of secure development for the new checklist item as well as deciding whether this is a question for “Web”, “Mobile” or “Both”types of applications.</li> <li>Modify existing checklist items. This was supposed to be included in v2.0 but a last minute changes made broke this functionality. You can now modify the text, the principle and type columns for questions in the checklist database.</li> <li>Only one answer allowed per checklist item (thanks to Steven van der Baan).</li> <li>Fixed a bug on the security code review tab where checklist items with no answers are highlighted in red and never “un-highlighted” (thanks to Steven van der Baan).</li> <li>Added a language checkbox for Objective-C on the profile creation and view profile tabs.</li> <li>Checklists are now sorted by principle and not by the question number.</li> </ul> 本文转载自: <a href="/misc/goto?guid=4958195754463437591" rel="nofollow">http://www.pulog.org/tools/2293/Agnitio-2.1/</a>