PMD – Java Source Code Scanner

Cybertroopers storming your ship?


Continuing with the series of tools I’ve been posting on source code auditing and application security, here is PMD a Java Source Code Scanner.

PMD scans Java source code and looks for potential problems like:

  • Possible bugs – empty try/catch/finally/switch statements
  • Dead code – unused local variables, parameters and private methods
  • Suboptimal code – wasteful String/StringBuffer usage
  • Overcomplicated expressions – unnecessary if statements, for loops that could be while loops
  • Duplicate code – copied/pasted code means copied/pasted bugs

PMD is integrated with JDeveloper, Eclipse, JEdit, JBuilder, BlueJ, CodeGuide, NetBeans/Sun Java Studio Enterprise/Creator, IntelliJ IDEA, TextPad, Maven, Ant, Gel, JCreator, and Emacs.

You can read more about PMD at the homepage here.

You can download everything from here:

Download PMD


Posted in: Programming, Security Software

, , , , , , , , , , , , , , , , ,

Recent in Programming:
- YARA – Pattern Matching Tool For Malware Analysis
- american fuzzy lop – Security Oriented Fuzzing Tool
- Twittor – Backdoor Using Twitter For Command & Control

Related Posts:

Most Read in Programming:
- FLARE – Flash Decompiler to Extract ActionScript - 66,319 views
- Modern Exploits – Do You Still Need To Learn Assembly Language (ASM) - 26,510 views
- 4f: The File Format Fuzzing Framework - 23,859 views

Get 50% off your second year with our 2-year deal!


Comments are closed.