[Owasp-codereview] [Owasp-leaders] Simple Beta code review tool

Paolo Perego thesp0nge at gmail.com
Fri Feb 15 07:01:24 EST 2008


Hi guys, just a note to announce that I just released a new version of
Owasp Orizon Framework with the source code crawling APIs available
for Java and CSharp.

How can you use it?
Look at this example:
http://orizon.svn.sourceforge.net/viewvc/orizon/orizon_package/src/org/owasp/orizon/demo/jCrawlerDemo.java?view=markup&pathrev=269
Orizon default library contains both all the java than the csharp
dangerous keywords as listed in the Code review Guide.
In your crawling code you can extract the XML file containing the
keywords from the library and then create a JavaCrawler object using
the XML filename as contructor parameter.
As you may see, you have just to call the crawl method that returns
true if some keywords were found or false otherwise.
If crawl() method will return true, a Report object will be available
via getReport() method and full of the matching keywords.
Is it very simple isn't it?

Orizon v0.70 Jar file is available at this link:
http://sourceforge.net/project/platformdownload.php?group_id=177056&sel_platform=280

I hope you can find it usefull, I'm planning to add to Owasp Orizon
framework all the checks  you guys suggested in the Code review Guide.
Eoin sorry if I was not able to write some notes about my framework
for the printing copy of the guide but I was full of work. Am I in
time for the RC3 of the guide?

I'm waiting your feedback
Thanks
thesp0nge
On 12/02/2008, Eoin <eoin.keary at owasp.org> wrote:
> Hello,
>  The code review site now contains a link to a *very* simple beta code
>  rerview tool (CodeCrawler) which scans code for the API calls listed
>  in the code review guide ("Crawling code").
>
>  It can be found here:
>  https://www.owasp.org/index.php/Category:OWASP_Code_Review_Project
>
>  ek
>
>
>
>  --
>  Eoin Keary OWASP - Ireland
>  http://www.owasp.org/local/ireland.html
>  http://www.owasp.org/index.php/OWASP_Code_Review_Project
>  _______________________________________________
>  OWASP-Leaders mailing list
>  OWASP-Leaders at lists.owasp.org
>  https://lists.owasp.org/mailman/listinfo/owasp-leaders
>


-- 
Owasp Orizon leader
orizon.sourceforge.net


More information about the Owasp-codereview mailing list