The Latest Secure Coding

Secure coding is very important in software development to ensure code security is high using techniques such as static analysis, code auditing and dynamic analysis to ensure safe coding practices are followed.

Secure Coding

What Tools can be used for Secure Coding?

There are a variety of tools to ensure code safety, mostly based on source code auditing and static analysis.

The options available really depend on the language being used with some tools focusing on many languages such as Yasca – Multi-Language Static Analysis Toolset or specialist tools focusing on a single language like Brakeman – Static Analysis Rails Security Scanner.

Find the Best Secure Coding from 2018 here:

Exploit Reliability Testing System

ERTS – Exploit Reliability Testing System

ERTS or Exploit Reliability Testing System is a Python based tool to calculate the reliability of an exploit based on the number of times the exploit is able to control EIP register with the desired address/value. It’s created to help you code reliable exploits and take the manual parts out of running and re-running exploits […]

Topic: Exploits/Vulnerabilities, Secure Coding
shadow - Firefox Heap Exploitation Tool (jemalloc)

shadow – Firefox Heap Exploitation Tool (jemalloc)

shadow is a new, extended (and renamed version) of a Firefox heap exploitation tool, which is quite a swiss army knife for Firefox/jemalloc heap exploitation. If you want to dive in really deep to this tool, and the technicalities behind it check this out – OR’LYEH? The Shadow over Firefox [PDF] Support shadow has been […]

Topic: Exploits/Vulnerabilities, Hacking Tools, Secure Coding
movfuscator - Compile Into ONLY mov Instructions

movfuscator – Compile Into ONLY mov Instructions

The M/o/Vfuscator (short ‘o’, sounds like “mobfuscator”) helps programs compile into only mov instructions, and nothing else – no cheating. Arithmetic, comparisons, jumps, function calls, and everything else a program needs are all performed through mov operations; there is no self-modifying code, no transport-triggered calculation, and no other form of non-mov cheating. The compiler currently […]

Topic: Malware, Secure Coding
YARA - Pattern Matching Tool For Malware

YARA – Pattern Matching Tool For Malware Analysis

YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a rule, consists of a set of strings and a boolean expression which […]

Topic: Malware, Secure Coding
american fuzzy lop - Security Oriented Fuzzing Tool

american fuzzy lop – Security Oriented Fuzzing Tool

American fuzzy lop is a security-oriented fuzzing tool that employs a novel type of compile-time instrumentation and genetic algorithms to automatically discover clean, interesting test cases that trigger new internal states in the targeted binary. This substantially improves the functional coverage for the fuzzed code. The compact synthesized corpora produced by the tool are also […]

Topic: Hacking Tools, Secure Coding