Tag Archive | "code auditing tool"


18 October 2014 | 1,623 views

RIPS – Static Source Code Analysis For PHP Vulnerabilities

RIPS is a tool written in PHP to find vulnerabilities using static source code analysis for PHP web applications. By tokenizing and parsing all source code files RIPS is able to transform PHP source code into a program model and to detect sensitive sinks (potentially vulnerable functions) that can be tainted by user input (influenced [...]

Continue Reading


23 June 2014 | 1,461 views

Codesake::Dawn – Static Code Analysis Security Scanner For Ruby

Codesake::Dawn is a source code scanner designed to review your code for security issues. Basically a static analysis security scanner for ruby written web applications. Codesake::Dawn is able to scan your ruby standalone programs but its main usage is to deal with web applications. It supports applications written using majors MVC (Model View Controller) frameworks, [...]

Continue Reading


11 March 2011 | 7,295 views

Agnitio v1.2 – Manual Security Code Review Tool

Agnitio is a tool to help developers and security professionals conduct manual security code reviews in a consistent and repeatable way. Agnitio aims to replace the adhoc nature of manual security code review documentation, create an audit trail and reporting. v1.2 of Agnitio includes a new application metrics section to give better visibility of the [...]

Continue Reading


01 July 2010 | 5,712 views

FxCop – .NET Framework Security Analysis Tool

FxCop is an application that analyzes managed code assemblies (code that targets the .NET Framework common language runtime) and reports information about the assemblies, such as possible design, localization, performance, and security improvements. Many of the issues concern violations of the programming and design rules set forth in the Design Guidelines, which are the Microsoft [...]

Continue Reading


02 November 2009 | 12,606 views

RATS – Rough Auditing Tool for Security

RATS – Rough Auditing Tool for Security – is an open source tool developed and maintained by Secure Software security engineers. Secure Software was acquired by Fortify Software, Inc. RATS is a tool for scanning C, C++, Perl, PHP and Python source code and flagging common security related programming errors such as buffer overflows and [...]

Continue Reading


16 September 2009 | 42,933 views

Flawfinder – Source Code Auditing Tool

Flawfinder is a program that examines source code and reports possible security weaknesses (flaws) sorted by risk level. It’s very useful for quickly finding and removing at least some potential security problems before a program is widely released to the public. It’s a static analysis source code auditing tool. Flawfinder is specifically designed to be [...]

Continue Reading


01 September 2009 | 5,752 views

Graudit – Code Audit Tool Using Grep

Graudit is a simple script and signature sets that allows you to find potential security flaws in source code using the GNU utility grep. It’s comparable to other static analysis applications like RATS, SWAAT and flaw-finder while keeping the technical requirements to a minimum and being very flexible. Usage Graudit supports several options and tries [...]

Continue Reading


29 February 2008 | 5,414 views

SCARE – Source Code Analysis Risk Evaluation Tool

The Source Code Analysis Risk Evaluation project is a study to create a security complexity metric that will analyze source code and provide a realistic and factual representation of the potential of that source code to create a problematic binary. This metric will not say that the binary will be exploited nor does it do [...]

Continue Reading


10 November 2007 | 11,638 views

Skavenger – Source Code Auditing Tool!

Skavenger? Yes, because scavenger is already used?!? What is skavenger? Skavenger is a source code auditing tool, firstly though for php, but also used for any kind of source code file; as long as you know what to look for… Yes I thought is as a replacement tool for egrep/sed under Windows! because not everybody [...]

Continue Reading


31 October 2006 | 11,408 views

PMD – Java Source Code Scanner

Continuing with the series of tools I’ve been posting on source code auditing and application security, here is PMD a Java Source Code Scanner. PMD scans Java source code and looks for potential problems like: Possible bugs – empty try/catch/finally/switch statements Dead code – unused local variables, parameters and private methods Suboptimal code – wasteful [...]

Continue Reading


Popular Tags

computer-security · darknet · exploits · google · hacking · hacking-networks · hacking-websites · hacking-windows · hacking tool · Hacking Tools · Information-Security · information gathering · malware · microsoft · network-security · Network Hacking · Password Cracking · penetration-testing · Phishing · Privacy · Python · scammers · Security · Security Software · spam · spammers · sql-injection · trojan · trojans · virus · viruses · vulnerabilities · web-application-security · web-security · Web Hacking · windows · windows-security · Windows Hacking · worms · XSS ·