Agnitio 2.1 which is the latest version, can be downloaded here. Developed by David Rook (Security Ninja), it''s a great tool for secure code review.
Here is the Wikipedia definition of Static Code Analysis. It involves pattern matching inside the source code, usually done by an automated tool.
Agnitio also supports reverse engineering of Android .APK files and the doing a static analysis of the Java code. This is an automated tool, this procedure can also be performed manually using Baksmali utility, where we can extract the source code of the Android application using the binary.
Here's a step-by-step procedure to reverse engineer Android .APK file using Agnitio :-
Step 1 :- Download and install Agnitio.
Step 2:- Agnitio doesn't create a folder in the start menu. So, go to the path where you installed it. Generally it is at C:\Program Files\Agnitio\ path. Run the Agnitio application.
Step 3:- Click on Static Analysis Tab.
Step 4:- Click on Browse, and select the path of folder where your .APK file (application binary) is stored.
Step 5:- Now select Java and as the language, select the .APK file and then click on Scan.
Step 6:- Click on OK for the following prompt.
Step 7:- After the scan is complete, expand the tree to reveal the structure of the code.
Step 8:- Select the file that you want to do static code analysis for and again click on Scan after selecting Java as the language.
Step 9:- This will display all of the vulnerabilities that the Agnitio reveals during the scan using static analysis of the code.
Agnitio performs a line by line pattern matching in the code, and highlights the vulnerabilities that are found in terms of insecure coding.
Here is the Wikipedia definition of Static Code Analysis. It involves pattern matching inside the source code, usually done by an automated tool.
Agnitio also supports reverse engineering of Android .APK files and the doing a static analysis of the Java code. This is an automated tool, this procedure can also be performed manually using Baksmali utility, where we can extract the source code of the Android application using the binary.
Here's a step-by-step procedure to reverse engineer Android .APK file using Agnitio :-
Step 1 :- Download and install Agnitio.
Step 2:- Agnitio doesn't create a folder in the start menu. So, go to the path where you installed it. Generally it is at C:\Program Files\Agnitio\ path. Run the Agnitio application.
Step 3:- Click on Static Analysis Tab.
Step 4:- Click on Browse, and select the path of folder where your .APK file (application binary) is stored.
Step 5:- Now select Java and as the language, select the .APK file and then click on Scan.
Step 6:- Click on OK for the following prompt.
Step 7:- After the scan is complete, expand the tree to reveal the structure of the code.
Step 8:- Select the file that you want to do static code analysis for and again click on Scan after selecting Java as the language.
Step 9:- This will display all of the vulnerabilities that the Agnitio reveals during the scan using static analysis of the code.
Agnitio performs a line by line pattern matching in the code, and highlights the vulnerabilities that are found in terms of insecure coding.