OWASP Code Crawler 2.5 Released
OWASP Code Crawler is a .NET Windows Forms application built using Microsoft .NET C#, XML, Linq and few third parties open source components. Its development started in fall 2007 as a very simple prototype from a mail conversation between me (Alessio Marziali) and Eoin Keary (Code Review Project Leader and Board Member). Eoin spotted the hidden power of this tool and asked me if I could be interested in making it open source. Thrilled by the idea of joining OWASP, few months later Code Crawler became an official OWASP Project.
Over the years Code Crawler has substantially grown, mainly with the help of other volunteers around the world, and today I am very pleased to announce we have reached version 2.5. I personally want to thanks Tripurai Rai, Sasikumar Ganesan and Paulo Coimbra for helping me make this happen. In this release we have been focusing mainly on the UI of the application and also improved our database while introducing utilities like STRIDE, DREAD Calculator and ASP.NET ViewState Decoder. For a detailed list of features you can refer to the changelog attached at the end of this post.
License
OWASP Code Crawler 2.5 is a Creative Commons Attribution Share Alike 3.0 open source application which means you are free to copy, distribute, transmit and remix this code as you like. In this case, you must attribute the work in the manner specified by the author or licensor (but not in any way that suggests that they endorse you or your use of the work). If you alter, transform, or build upon this work, you may distribute the resulting work only under the same, similar or a compatible license.
Download
OWASP Code Crawler 2.5 can be downloaded from http://codecrawler.codeplex.com. Please be advised that in order to run Code Crawler requires Microsoft .NET Framework 3.5. You may download it from here (link to Microsoft download website).
Changelog
- Code Crawler Editor
- Find (CTRL+F)
- Mark Findings
- Select All (CTRL+A)
- Copy as RTF (sweet)
- CodeFolding
- SyntaxHighlight
- BracketMatching
- Unlimited Undo/Redo buffer
- Bookmarks
- Go to line (CTRL+G)
- Replace
- Breakpoints
- Single Scan Form
- New User Interface
- STRIDE Classification
- Direct links to MSDN and Google
- Shortcuts to Notepad and Calc
- Threats Count
- Printing
- RTF Report
- Visual Studio .NET (for VS 2005 - 2008)
- Supports ONLY C# Project files (*.csjpro)
- Bigger fonts
- Mainform
- New User Interface
- Links to OWASP content
- WASC Threat Classification 2.0
- Sun Java Guidelines
- Removed OWASP Browser
- Removed Network Scan
- Removed Reporting Frame
- Database
- 286 Keywords
- Multi STRIDE Schema
- Refactoring
- Utilities
- ASP.NET ViewState Decoder
- DREAD Calculator
