Flawfinder is a source code auditing tool that reports possible security weaknesses (flaws) sorted by risk level. It’s very useful for quickly finding and removing at least some potential security problems before a program is widely released to the public. It’s a static analysis source code auditing tool. Using Flawfinder Source Code Auditing Tool It […]
source code auditing
SCARE – Source Code Analysis Risk Evaluation Tool
[ad] The Source Code Analysis Risk Evaluation project is a study to create a security complexity metric that will analyze source code and provide a realistic and factual representation of the potential of that source code to create a problematic binary. This metric will not say that the binary will be exploited nor does it […]
Skavenger – Source Code Auditing Tool!
Skavenger? Yes, because scavenger is already used?!? What is skavenger? Skavenger is a source code auditing tool, firstly though for php, but also used for any kind of source code file; as long as you know what to look for… Yes I thought is as a replacement tool for egrep/sed under Windows! because not everybody […]
LAPSE Sourcecode Analysis for JAVA J2EE Web Applications
[ad] LAPSE stands for a Lightweight Analysis for Program Security in Eclipse. LAPSE is designed to help with the task of auditing Java J2EE applications for common types of security vulnerabilities found in Web applications. LAPSE was developed by Benjamin Livshits as part of the Griffin Software Security Project. LAPSE targets the following Web application […]
SpikeSource Spike PHP Security Audit Tool
Spike is an Open Source tool based on the popular RATS C based auditing tool implemented for PHP. The tool Spike basically does static analysis of php code for security exploits, PHP5 and call-time pass-by-reference are currently required, but a PHP4 version is coming out this week. This tool is especially welcomed by Darknet as […]