Continuing with the series of tools I’ve been posting on source code auditing and application security, here is PMD a Java Source Code Scanner.
PMD scans Java source code and looks for potential problems like:
- Possible bugs – empty try/catch/finally/switch statements
- Dead code – unused local variables, parameters and private methods
- Suboptimal code – wasteful String/StringBuffer usage
- Overcomplicated expressions – unnecessary if statements, for loops that could be while loops
- Duplicate code – copied/pasted code means copied/pasted bugs
PMD is integrated with JDeveloper, Eclipse, JEdit, JBuilder, BlueJ, CodeGuide, NetBeans/Sun Java Studio Enterprise/Creator, IntelliJ IDEA, TextPad, Maven, Ant, Gel, JCreator, and Emacs.
You can read more about PMD at the homepage here.
You can download everything from here:
- Agile Security – How Does It Fit Into A World Of Continuous Delivery
- zzuf – Multi-Purpose Application Input Fuzzing Tool
- Graudit v1.9 Download – Grep Source Code Auditing Tool
- FindBugs – Find Bugs in Java Programs
- Angry IP Scanner – Cross Platform Port Scanner
- LAPSE Sourcecode Analysis for JAVA J2EE Web Applications
Most Read in Programming:
- FLARE – Flash Decompiler to Extract ActionScript - 64,463 views
- Modern Exploits – Do You Still Need To Learn Assembly Language (ASM) - 24,657 views
- 4f: The File Format Fuzzing Framework - 23,828 views