Microsoft has released the Application Inspector, a command-line tool that its engineers are using to probe quickly software components.
Microsoft has published its own open-source, cross-platform Application Inspector on Github. According to Microsoft’s announcement, Application Inspector was created to identify “interesting” features and metadata, like the use of cryptography, connecting to a remote entity, and the platforms it runs on. It also surfaces interesting characteristics in the code that would otherwise be time-consuming or difficult to identify through manual introspection.
Cross-platform command-line tool
Application Inspector comes with a variety of feature detection patterns covering many popular programming languages, with good support for the following types of characteristics:
- Application frameworks (development, testing)
- Cloud / Service APIs (Microsoft Azure, Amazon AWS, and Google Cloud Platform)
- Cryptography (symmetric, asymmetric, hashing, and TLS)
- Data types (sensitive, personally identifiable information)
- Operating system functions (platform identification, file system, registry, and user accounts)
- Security features (authentication and authorization)
Application Inspector can be downloaded at its Github page.