A tool to help developers and security professionals conduct manual security code reviews in a consistent and repeatable way. Agnitio aims to replace the adhoc nature of manual security code review documentation, create an audit trail and reporting.
It hasn’t been updated for a fair while sadly, and v2.1 was released in 2011 – but still it’s a useful tool and a decent update. The last time we wrote about it was when Agnitio v2.0 was released back in August 2011.
The major changes in v2.1 are listed below:
- Windows x64 support
- Automatically decompile Android .apk application to easily analyse the apps source code
- Application profiles now have an application type of either web or mobile which allows only relevant checklist items to be displayed during the security code review
- Create new checklist questions and mark them as web or mobile
- C# and Java rules from the OWASP Code Crawler project have been imported into the Agnitio database and linked to relevant checklist questions
You can download Agnitio v2.1 here:
Or read more here.
- WAF-FLE – Graphical ModSecurity Console Dashboard
- LOKI – Indicators Of Compromise Scanner
- Integrit – File Verification System
- Agnitio v1.2 – Manual Security Code Review Tool
- Agnitio v2.0 Released – Code Security Review Tool
- OWASP CodeCrawler – Static Code Review Tool
Most Read in Countermeasures:
- AJAX: Is your application secure enough? - 119,823 views
- Password Hasher Firefox Extension - 117,571 views
- NDR or Backscatter Spam – How Non Delivery Reports Become a Nuisance - 57,653 views