Navigation



Microsoft CAT.NET v1.1.1.9 – Binary Code Analysis Tool .NET

Last updated: September 9, 2015 | 6,979 views

CAT.NET is a binary code analysis tool that helps identify common variants of certain prevailing vulnerabilities that can give rise to common attack vectors such as Cross-Site Scripting (XSS), SQL Injection and XPath Injection.

CAT.NET is a snap-in to the Visual Studio IDE that helps you identify security flaws within a managed code (C#, Visual Basic .NET, J#) application you are developing. It does so by scanning the binary and/or assembly of the application, and tracing the data flow among its statements, methods, and assemblies.

This includes indirect data types such as property assignments and instance tainting operations. The engine works by reading the target assembly and all reference assemblies used in the application — module-by-module — and then analyzing all of the methods contained within each. It finally displays the issues its finds in a list that you can use to jump directly to the places in your application’s source code where those issues were found.

The following rules are currently support by this version of the tool

  • Cross Site Scripting
  • SQL Injection
  • Process Command Injection
  • File Canonicalization
  • Exception Information
  • LDAP Injection
  • XPATH Injection
  • Redirection to User Controlled Site

System Requirements

Supported Operating Systems: Windows Vista; Windows XP

OS: XP, Vista Software: .NET Framework 2.0, Visual Studio 2005 or 2008.

You can download CAT.NET here:

CATNETx32.msi

Or read more here.

Share
Tweet
Share
Buffer
WhatsApp
Email
0 Shares
Posted in: Secure Coding, Security Software, Windows Hacking

, , , , , , , , , , , , ,


Latest Posts:


Axiom - Pen-Testing Server For Collecting Bug Bounties Axiom – Pen-Testing Server For Collecting Bug Bounties
Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty, basically a pen-testing server out of the box with 1-line.
July 7, 2020 - 159 Shares
Quasar RAT - Windows Remote Administration Tool Quasar RAT – Windows Remote Administration Tool
Quasar is a fast and light-weight Windows remote administration tool coded in C#. Used for user support through day-to-day administrative work to monitoring.
May 28, 2020 - 294 Shares
Pingcastle - Active Directory Security Assessment Tool Pingcastle – Active Directory Security Assessment Tool
PingCastle is a Active Directory Security Assessment Tool designed to quickly assess the Active Directory security level based on a risk and maturity framework.
May 19, 2020 - 269 Shares
Second Order - Subdomain Takeover Scanner Tool Second Order – Subdomain Takeover Scanner Tool
Second Order Subdomain Takeover Scanner Tool scans web apps for second-order subdomain takeover by crawling the application and collecting URLs (and other data)
April 30, 2020 - 289 Shares
Binwalk - Firmware Security Analysis & Extraction Tool Binwalk – Firmware Security Analysis & Extraction Tool
Binwalk is a fast and easy to use Python-based firmware security analysis tool that allows for firmware analysis, reverse engineering & extracting of firmware.
April 15, 2020 - 486 Shares
zBang - Privileged Account Threat Detection Tool zBang – Privileged Account Threat Detection Tool
zBang is a risk assessment tool for Privileged Account Threat Detection on a scanned network, organizations & red teams can use it to identify attack vectors
March 31, 2020 - 363 Shares


Comments are closed.