Lapse for auditing Java Applications V.2.5.6 added to SD ToolsWatch Process
LAPSE stands for Lightweight Analysis for Program Security in Eclipse. It is designed to help with auditing Java J2EE applications for common types of security vulnerabilities found in Web applications.
LAPSE targets the following Web application vulnerabilities:
- Parameter manipulation
- Header manipulation
- Cookie poisoning
- Command-line parameters
- SQL injections
- Cross-site scripting
- HTTP splitting
- Path traversal
LAPSE is inspired by existing lightweight security auditing tools such as RATS, pscan, and FlawFinder. Unlike those tools, however, LAPSE addresses vulnerabilities in Web applications. LAPSE is not intended as a comprehensive solution for Web application security, but rather as an aid in the code review process.