Lapse for auditing Java Applications V.2.5.6 added to SD ToolsWatch Process

Thursday 8 March 2007

LAPSE stands for Lightweight Analysis for Program Security in Eclipse. It is designed to help audit Java J2EE applications for the common types of security vulnerabilities found in Web applications.

LAPSE targets the following Web application vulnerabilities:

- Parameter manipulation
- Header manipulation
- Cookie poisoning
- Command-line parameters
- SQL injections
- Cross-site scripting
- HTTP splitting
- Path traversal

LAPSE is inspired by existing lightweight security auditing tools such as RATS, pscan, and FlawFinder. Unlike those tools, however, LAPSE addresses vulnerabilities in Web applications. LAPSE is not intended as a comprehensive solution for Web application security, but rather as an aid in the code review process.

