Documentation

Introduction

Devknox is a developer friendly Android Studio plugin that helps Android developers detect and resolve security issues in their apps, while writing code. Imagine Devknox to similar to what autocorrect is for English. As you write code, Devknox highlights possible security risks and also gives you a suggested solution which you can select and replace across your code.
Yes, it is truly that simple! Let's build more secure apps!

What's New(v2.3.0)

The new roll-out of Devknox contains following improvements and features:

  • Addition of 5 more security checks
  • Fix plugin stablity issues

Minimum Requirements

If you want to run Devknox on your PC, here's what it takes:
  • Java : 1.7
  • Android Studio : 2.1.2

Installing Devknox

To be able to use Devknox, you should specify the URLs of such Devknox repository in Android Studio. Follow the steps outlined below to add the URL:

  • Go to File menu and click Settings
  • In the Settings dialog, click Plugins
  • Click Browse repositories
  • In the Browse Repositories dialog that opens, click Manage repositories
  • Use the Custom Plugin Repositories dialog that opens, to manage the list of URLs for custom (enterprise) plugin repositories:
    • To add a repository URL, click Appknox Devknox (⌘N). In the Add Repository dialog, specify the repository URL and click OK. (You can use the Check Now button to make sure that the specified URL is correct: IntelliJ IDEA will try to connect to the repository)
    • Repository URL : http://repo.devknox.io
    • To edit a repository URL, select the URL and click Appknox Devknox (⏎). In the Edit Repository dialog, edit the URL and click OK.
    • To remove a URL from the list, select the URL and click Appknox Devknox (⌘⌦)
    • Click OK in the Custom Plugin Repositories dialog.
  • In the Browse repositories window search for Devknox
  • In the right pane click on the green Install button
  • Restart the IDE to start using Devknox
Devknox android application security tool

Updating Devknox

Follow the steps if you want to update Devknox from settings or else Devknox can be updated from the notification everytime IDE starts up
  • Go to File menu and click Settings
  • In the Settings dialog, click Plugins
  • Choose Devknox from the list of plugins installed and click on update in the right pane
  • Restart the IDE to start using Devknox
Devknox android application security tool Devknox android application security tool

Using Devknox

Once installed, you can use Devknox as follows:

  • On the menu bar click on Devknox and select Login
  • On the login dialog box provide the credentials and click Login
  • On successful login the plugin starts the scan in background and highlights the issues as red underlined annotation
  • To quickly jump to various Devknox issues, just point to right end of the editor and check out Devknox issues, issues will be highlighted as various warning levels like yellow, red lines. hovering over them will show the piece of code where the issues lie and clicking on them will take you to the corresponding line
  • On hovering over the issue, a tooltip pops up showing summary of issues and clicking on more shows detailed description of the issues
  • Click on the issue code and a (intention)bulb icon Appknox Devknox will appear, clicking on it will provide the option to quick fix
  • On the menu bar click on Devknox and select Devknox scan and choose scan scope(whole project, module, file, custom). A report window pops up with Devknox issues. Expand as per choice to view particular issue details or expand the tree entirely using expand all icon Appknox Devknox
  • Select an issue to view details apply quick fix using problem resolution field
  • Select ad issue type and right click to get various options like suppress options and disabling inspection options
  • Use the export icon Appknox Devknox to export Devknox issues to XML or HTML
  • On the menu bar click on Devknox and select About Devknox, Online Help and Feedback to get an overview about Devknox, jump to online help and provide feedback to Devknox team respectively
Devknox android application security tool

Change Log

Here you can see the updates previous versions: