|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: security scanning software for source code?
From: Erik Tayler (erik
14X.NET)Date: Fri Oct 20 2000 - 07:31:39 CDT
- Next message: Erhard Schwenk: "Re: hacksdmi?"
- Previous message: Erick Arturo Perez Huemer: "Re: Need a software to copy my floppy"
- In reply to: Sanchez, Scott: "security scanning software for source code?"
- Next in thread: White Vampire: "Re: security scanning software for source code?"
- Reply: Erik Tayler: "Re: security scanning software for source code?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I know of one at http://www.freshmeat.net/projects/its4/ . Never tried
it, but I will soon give it a shot. Looks somewhat mediocre, but hey.
Erik Tayler
http://www.14x.net
http://www.digitaloffense.net
"Sanchez, Scott" wrote:
>
> Hello all,
> Does anyone have any suggestions on products that will review application
> code (visual basic/c++, java applets and servlets, cgi's, etc.) for security
> weaknesses?
> I would love an engine that I can just drop my java servlets (or weblogic
> code, xml, perl, css, etc.) into and it would look for things like input
> fields that have missing or inadequate validation, passwords stored in the
> app, etc. (I know, i'm asking for a lot).
> Does anybody have thoughts or suggestions? We have decided that it is
> impractical for us to write our own scanner at this point.
> Thanks.
> -Scott
- Next message: Erhard Schwenk: "Re: hacksdmi?"
- Previous message: Erick Arturo Perez Huemer: "Re: Need a software to copy my floppy"
- In reply to: Sanchez, Scott: "security scanning software for source code?"
- Next in thread: White Vampire: "Re: security scanning software for source code?"
- Reply: Erik Tayler: "Re: security scanning software for source code?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]