Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Yosi (nataskhotmail.com)
Date: Tue Sep 25 2001 - 04:41:02 CDT
Recently, I've started looking for auditing tools that will be mainly
used for C++. Lclint was ruled out immediately because it only processes
C code, and not C++. Then I had a look at ITS4 and FlawFinder. Of these
two ITS4 looks the more updated with a larger database of
vulnerabilities and it can handle both C and C++ code. I wanted to
try out RATS as well, but it seems that the website is down or the link
After trying these tools I have several questions -
1. Are there any other tools that might do a better job than ITS4 at
detecting flaws in C *and* C++ code?
2. What tools (if any) can anyone recommend for Java source code audit?
3. Are there any tools that try to feed badly formatted/too long input
to program in order to test how they handle it?
On a side note, if anyone from the RATS development team is reading this
please fix your website, or post a link to mirrors of RATS.
-- Yosi In God We Trust -- All others must submit an X.509 certificate
>From: aleph1securityfocus.com >To: secprogsecurityfocus.com, sectoolssecurityfocus.com >Subject: Release: RATS 1.2 and EGADS 0.7 >Date: Mon, 24 Sep 2001 11:19:53 -0600 >----- Forwarded message from ratssecuresw.com ----- > >From: ratssecuresw.com >To: bugtraqsecurityfocus.com >Subject: Release: RATS 1.2 and EGADS 0.7 >Date: Sun, 23 Sep 2001 23:06:57 -0400 >Message-ID: <20010923230657.A32571rsdio.com> >User-Agent: Mutt/1.2.5i <snip>
_________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp