Continuing with the series of tools I’ve been posting on source code auditing and application security, here is PMD a Java Source Code Scanner.
PMD scans Java source code and looks for potential problems like:
- Possible bugs – empty try/catch/finally/switch statements
- Dead code – unused local variables, parameters and private methods
- Suboptimal code – wasteful String/StringBuffer usage
- Overcomplicated expressions – unnecessary if statements, for loops that could be while loops
- Duplicate code – copied/pasted code means copied/pasted bugs
PMD is integrated with JDeveloper, Eclipse, JEdit, JBuilder, BlueJ, CodeGuide, NetBeans/Sun Java Studio Enterprise/Creator, IntelliJ IDEA, TextPad, Maven, Ant, Gel, JCreator, and Emacs.
You can read more about PMD at the homepage here.
You can download everything from here:
- Radare – The Reverse Engineering Framework
- Brakeman – Static Analysis Rails Security Scanner
- RIPS – Static Source Code Analysis For PHP Vulnerabilities
- FindBugs – Find Bugs in Java Programs
- Angry IP Scanner – Cross Platform Port Scanner
- Pixy – New & Free Open-source XSS and SQL Injection Scanner for PHP Programs
Most Read in Programming:
- FLARE – Flash Decompiler to Extract ActionScript - 63,383 views
- Modern Exploits – Do You Still Need To Learn Assembly Language (ASM) - 23,920 views
- 4f: The File Format Fuzzing Framework - 23,815 views