Agnitio is a tool to help developers and security professionals conduct manual security code reviews in a consistent and repeatable way. It aims to replace the ad hoc nature of manual security code review documentation and to create an audit trail and reporting.
Sadly, it hasn't been updated for a fair while (v2.1 was released in 2011), but it's still a useful tool and a decent update. The last time we wrote about it was when Agnitio v2.0 was released back in August 2011.
The major changes in v2.1 are listed below:
- Windows x64 support
- Automatically decompile Android .apk applications to easily analyse the app's source code
- Application profiles now have an application type of either web or mobile which allows only relevant checklist items to be displayed during the security code review
- Create new checklist questions and mark them as web or mobile
- C# and Java rules from the OWASP Code Crawler project have been imported into the Agnitio database and linked to relevant checklist questions
You can download Agnitio v2.1 here:
Or read more here.