cyphersec A blog about Web Application Security and .NET development best practices

7 Feb 09

OWASP goes Open Source (for real)


Code Crawler is now on CodePlex. It has been classified with the following keywords: CodeReview, C#. For the moment I have decided to mark the project as Setup, which means that the content that will be illustrated is still not available.

From tomorrow on, development will shift to CodePlex. Every file related to CodeCrawler previously hosted on cyphersec.com has already been deleted (sorry for that, I had no choice).


Also, a new beta release will be linked from the main page, which will include a couple of new features:

  • Increased stability
  • OWASP Code Guidelines support
  • Threat Analysis



Current Development Scenario:

In the next two weeks, the Grid control used to list all the threats found in your file will be replaced by a new control (BUGID#931 Priority: Medium).

New functionality will also be included that will make Code Crawler an advanced tool capable of crawling web applications affected by path traversal vulnerabilities (FEATUREID#940 Priority: Medium).

The Reporting UI will be redesigned from scratch. There is no reason to replace the reporting engine, since it has reached a stable version. CC will keep supporting XSLT as the standard for the reports area until new "polished" alternatives are proposed and, from a development perspective, well integrated.

XML engine and threat discovery to be (at least 20%) faster. Cracking the system using .NET 3.5 enhancements ;)

Enhance Welcome Screen (BUGID#928 Priority: Medium); Code Crawler will be fully refined using a combination of black and gray colours. A mix of BlackBerry style and Windows Vista Ultimate themes.

About Alessio Marziali

Alessio Marziali (MCTS) is a Security Consultant with 9 years of experience developing secure applications with Microsoft .NET in a variety of sectors in the UK and Italy. Published technical author with two ASP.NET books currently available for purchase and OWASP Code Crawler Project Leader.
Comments (4) Trackbacks (0)
  1. Where can a copy of CodeCrawler be downloaded from currently?

  2. Do you have the source code available yet?

  3. Yes, the code can be found here.
    It’s a Visual Studio 2008 solution; the code is still not under source control because of a couple of licensing problems (sorted out now, give me a couple of days, Rob).

