14 December 2009 | 6,796 views

Microsoft CAT.NET v1.1.1.9 – Binary Code Analysis Tool .NET

Don't let a Dragon into your website!

CAT.NET is a binary code analysis tool that helps identify common variants of certain prevailing vulnerabilities that can give rise to common attack vectors such as Cross-Site Scripting (XSS), SQL Injection and XPath Injection.

CAT.NET is a snap-in to the Visual Studio IDE that helps you identify security flaws within a managed code (C#, Visual Basic .NET, J#) application you are developing. It does so by scanning the binary and/or assembly of the application, and tracing the data flow among its statements, methods, and assemblies.

This includes indirect data types such as property assignments and instance tainting operations. The engine works by reading the target assembly and all reference assemblies used in the application — module-by-module — and then analyzing all of the methods contained within each. It finally displays the issues its finds in a list that you can use to jump directly to the places in your application’s source code where those issues were found.

The following rules are currently support by this version of the tool

  • Cross Site Scripting
  • SQL Injection
  • Process Command Injection
  • File Canonicalization
  • Exception Information
  • LDAP Injection
  • XPATH Injection
  • Redirection to User Controlled Site

System Requirements

Supported Operating Systems: Windows Vista; Windows XP

OS: XP, Vista Software: .NET Framework 2.0, Visual Studio 2005 or 2008.

You can download CAT.NET here:

CATNETx32.msi

Or read more here.

Advertisements



Recent in Programming:
- Gitrob – Scan Github For Sensitive Files
- Radare – The Reverse Engineering Framework
- Brakeman – Static Analysis Rails Security Scanner

Related Posts:
- eEye Binary Diffing Suite (EBDS)
- BitBlaze – Binary Analysis Platform For Computer Security
- SCARE – Source Code Analysis Risk Evaluation Tool

Most Read in Programming:
- FLARE – Flash Decompiler to Extract ActionScript - 63,853 views
- Modern Exploits – Do You Still Need To Learn Assembly Language (ASM) - 24,170 views
- 4f: The File Format Fuzzing Framework - 23,818 views

Advertise on Darknet

Comments are closed.