Latest addition – Tuesday 16 March 2010.
Sahi v3.0 - Web Automation and Test Tool
Tuesday 23 February 2010 - 344 read - ( Keywords : Code Auditing, Framework, Sahi, Vulnerability Management )
Sahi is an automation tool to test web applications. Sahi injects JavaScript into web pages using a proxy, and the JavaScript helps automate web applications.
OWASP Broken Web Applications v0.9 (Virtual Machine)
Friday 12 February 2010 - 759 read - ( Keywords : Code Auditing, Framework, LiveCD, Local auditing, OWASP Broken Web Applications )
The Open Web Application Security Project (OWASP) Broken Web Applications Project is distributed as a Virtual Machine in VMware format compatible with their no-cost VMware Player and VMware Server products (along with their commercial products).
MS CAT.NET v2.0 Beta - Code Analysis Tool .NET
Wednesday 10 February 2010 - 365 read - ( Keywords : Application Scanner, CAT.NET, Code Auditing )
CAT.NET is a binary code analysis tool that helps identify common variants of certain prevailing vulnerabilities that can give rise to common attack vectors such as Cross-Site Scripting (XSS), SQL Injection and XPath Injection.
OWASP Code Crawler updated to v2.5.1
Sunday 31 January 2010 - 324 read - ( Keywords : Code Auditing, Code Crawler, Configurations checks, Owasp )
A tool aimed at assisting code review practitioners. It is a static code review tool which searches for key topics within .NET and J2EE/JAVA code. The aim of the tool is to accompany the OWASP Code Review Guide and to implement a total code review solution for "everyone".
OWASP Code Crawler v2.5 released
Sunday 24 January 2010 - 750 read - ( Keywords : Code Auditing, Code Crawler, Configurations checks, Owasp )
A tool aimed at assisting code review practitioners. It is a static code review tool which searches for key topics within .NET and J2EE/JAVA code. The aim of the tool is to accompany the OWASP Code Review Guide and to implement a total code review solution for "everyone".
WatiN v2.0 RC 1 - Web Application Testing in .Net
Tuesday 5 January 2010 - 435 read - ( Keywords : Application Scanner, Code Auditing, Framework, WatiN )
WatiN (pronounced "what-in") aims to bring you an easy way to automate Web Application Testing in .Net. Inspired by Watir, WatiN has grown into a feature-rich and stable framework, offering automation of Internet Explorer and Firefox.
FireCAT v1.6 the online version released
Monday 4 January 2010 - 3779 read - ( Keywords : Application Scanner, Code Auditing, FireCAT, Framework )
FireCAT (Firefox Catalog of Auditing exTension) is a mindmap collection of the most efficient and useful Firefox extensions oriented toward application security auditing and assessment. FireCAT is not a replacement for other security utilities and software, nor for fuzzers, proxies and application vulnerability scanners.
Graudit v1.5 released
Friday 11 December 2009 - 348 read - ( Keywords : Code Auditing, Graudit, Local auditing, Vulnerability Scanner )
Graudit is a simple script with signature sets that lets you find potential security flaws in source code using the GNU utility grep. It’s comparable to other static analysis applications like RATS, SWAAT and flaw-finder while keeping the technical requirements to a minimum and being very flexible.
Graudit v1.4 released
Wednesday 25 November 2009 - 276 read - ( Keywords : Code Auditing, Graudit, Local auditing )
Graudit is a simple script with signature sets that lets you find potential security flaws in source code using the GNU utility grep. It’s comparable to other static analysis applications like RATS, SWAAT and flaw-finder while keeping the technical requirements to a minimum and being very flexible.
MS CAT.NET v1.1.1.9 - Code Analysis Tool .NET
Wednesday 18 November 2009 - 379 read - ( Keywords : Application Scanner, CAT.NET, Code Auditing )
CAT.NET is a binary code analysis tool that helps identify common variants of certain prevailing vulnerabilities that can give rise to common attack vectors such as Cross-Site Scripting (XSS), SQL Injection and XPath Injection.
RATS v2.3 - Rough Auditing Tool for Security
Tuesday 10 November 2009 - 604 read - ( Keywords : Code Auditing, Local auditing, RATS )
RATS (Rough Auditing Tool for Security) is a tool for scanning C, C++, Perl, PHP and Python source code and flagging common security-related programming errors such as buffer overflows and TOCTOU (Time Of Check, Time Of Use) race conditions.
Graudit v1.3 released
Tuesday 3 November 2009 - 1005 read - ( Keywords : Code Auditing, Graudit, Local auditing )
Graudit is a simple script with signature sets that lets you find potential security flaws in source code using the GNU utility grep. It’s comparable to other static analysis applications like RATS, SWAAT and flaw-finder while keeping the technical requirements to a minimum and being very flexible.
METASM - Assembly Manipulation Suite
Friday 9 October 2009 - 255 read - ( Keywords : Code Auditing, METASM )
Metasm is a cross-architecture assembler, disassembler, compiler, linker and debugger. It is written in pure Ruby.
Code Crawler v2.4 Beta - OWASP Code Review Tool
Tuesday 6 October 2009 - 680 read - ( Keywords : Code Auditing, Code Crawler, Configurations checks, Owasp, Vulnerability Scanner )
A tool aimed at assisting code review practitioners. It is a static code review tool which searches for key topics within .NET and J2EE/JAVA code. The aim of the tool is to accompany the OWASP Code Review Guide and to implement a total code review solution for "everyone".
Graudit source code scanner v1.2 updated
Saturday 19 September 2009 - 455 read - ( Keywords : Code Auditing, Graudit, Local auditing )
Graudit is a simple script with signature sets that lets you find potential security flaws in source code using the GNU utility grep. It’s comparable to other static analysis applications like RATS and flaw-finder while keeping the technical requirements to a minimum and being very flexible.
Dranzer v1.9.1 - Testing ActiveX Controls
Wednesday 26 August 2009 - 539 read - ( Keywords : Code Auditing, Dranzer )
CERT developed this open source tool so that software developers can test ActiveX controls for vulnerabilities before the software is released to the public.
FindBugs Java Code Analyzer updated to 1.3.9
Tuesday 25 August 2009 - 334 read - ( Keywords : Code Auditing, Configurations checks, FindBugs )
FindBugs™ is a program to find bugs in Java programs. It looks for instances of "bug patterns" --- code instances that are likely to be errors.
Graudit source code scanner v1.1 released
Tuesday 18 August 2009 - 353 read - ( Keywords : Code Auditing, Graudit, Local auditing )
Graudit is a simple script with signature sets that lets you find potential security flaws in source code using the GNU utility grep. It’s comparable to other static analysis applications like RATS and flaw-finder while keeping the technical requirements to a minimum and being very flexible.
PVS-Studio v3.10 the code analyzer released
Sunday 9 August 2009 - 332 read - ( Keywords : Code Auditing, PVS-Studio )
PVS-Studio is a project by the Russian company "Program Verification Systems", designed to help developers master modern programming techniques. PVS-Studio is a static source code analyzer for diagnosing errors and mistakes that appear when application code is adapted to 64-bit and multi-core systems.
Findbugs v1.3.9-rc1 released
Friday 7 August 2009 - 335 read - ( Keywords : Code Auditing, Configurations checks, FindBugs )
FindBugs™ is a program to find bugs in Java programs. It looks for instances of "bug patterns" --- code instances that are likely to be errors.