mailing list archives
Re: Security vulnerability tools
From: Murray McAllister <mmcallis () redhat com>
Date: Thu, 28 Mar 2013 11:20:40 +1100
On 03/28/2013 06:54 AM, Corey Bryant wrote:
I'd like to get a better understanding of tools used in the open source
community (kernel and user space) to detect security vulnerabilities.
I have a list below to get started. If anyone has any input, I'd
I'll plan on updating http://oss-security.openwall.org/wiki/tools with
anything it doesn't already have.
I am sometimes using Splint. From http://www.splint.org/ "Splint is a
tool for statically checking C programs for security vulnerabilities and
coding mistakes. With minimal effort, Splint can be used as a better
lint. If additional effort is invested adding annotations to programs,
Splint can perform stronger checking than can be done by any standard lint."