[ad] I’m sure everyone remembers the Diebold voting fiasco with their system getting pwned multiple times. Back in May 2006 it was announced from multiple sources that the Diebold system was critically flawed. Then more recently Hackers in the Philippines were Invited to Crack Internet Voting, which is definitely positive step to increase security in […]
application-security
PMD – Java Source Code Scanner
Continuing with the series of tools I’ve been posting on source code auditing and application security, here is PMD a Java Source Code Scanner. PMD scans Java source code and looks for potential problems like: Possible bugs – empty try/catch/finally/switch statements Dead code – unused local variables, parameters and private methods Suboptimal code – wasteful […]
LAPSE Sourcecode Analysis for JAVA J2EE Web Applications
[ad] LAPSE stands for a Lightweight Analysis for Program Security in Eclipse. LAPSE is designed to help with the task of auditing Java J2EE applications for common types of security vulnerabilities found in Web applications. LAPSE was developed by Benjamin Livshits as part of the Griffin Software Security Project. LAPSE targets the following Web application […]
Source Code & Software Security Analysis with BogoSec
[ad] Bogosec is essentially a tool for finding security vulnerabilities in source code. BogoSec aims to increase awareness regarding code security vulnerabilities, while encouraging developers to produce more secure code over time. By simplifying the code scanning process, BogoSec achieves a goal of allowing developers to scan their code regularly and more effectively. BogoSec is […]