I was looking at org.owasp.orizon.mirage.Modeler class, in order to draw the data flow for information about fields scope and I just discovered that, by my mistake, Collectors information never leaves Mirage, they would be put in the SessionInfo object instead… Refactoring this phase is a top priority now Advertisements
Jericho was the first Orizon subsystem, even before Twilight. In the very first Orizon versions you were able to find some kind of input not validated. This is done by Jericho engine, however that code was buggy and it was not compliant to newer Orizon engine based architecture. That’s why I renamed Jericho class in… Read More A new begin for Jericho
In SVN trunk I committed the bug fix for the annoying trailing characters for Orizon Shell. The bug was that after a command displaying the progress bar on the screen, the progress bar was consumed by shell main loop as next command resulting in a OSH parser lexical error. JSP Collector now is able to… Read More JSP and outgoing links and shell updates…
Hello there, I know… I didn’t update this blog regulary… sometimes I write stuff in my tumblr… sometimes I tweet… or sometimes I code and no more. That’s it. Monday I released version 1.19, with some improvements over JSP language and today I committed some code that makes JSP inspecting more powerful. In next release… Read More New release and new ideas
Yeah, I hacked around Jsp grammar file contained in PMD, translating it from javacc to freecc format. Now the grammar compiles… Some few hacks and Orizon will be able to parse Jsp…
Yeah, I had to open a lot of directories to scan each single package because I need separated reports… how can I do this without spending a lot of time issuing very similar commands? It’s easy. You can write all of your osh commands in a text files and start Orizon. At the Osh prompt… Read More Ready to… RUN?
It finally happened. Owasp Orizon 1.18 is good enough to be used to assist a code reviewer in a source code assessment. I’m using now a slightly modified version, named 1.18.15 that fixes a little issue in Java language pack. Actually I’m behind a proxy so I can’t reach sourceforge SVN repository to commit the… Read More Orizon hits real world