Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: tools to scan source code
From: Dan Catalin Vasile <hardware_cta () yahoo com>
Date: Wed, 13 Sep 2006 03:46:16 -0700 (PDT)

Hi Ben,

You can contribute to open source projects like RATS.
You will have a lot of benefits from this, including a
good CV. And also, we will have (hopefuly) better
software to analize source code :).

Have secure fun,
Dan


--- Ben Hall <ben2004uk () googlemail com> wrote:

Hello all,

been watching this conversation closely as it is
hugely relevant to me
at the moment.

I am just about to enter my final year of
University, and I was hoping
to create a static source code analyser for ASP.net
applications......I thought it was a good idea,
however after reading
this I am starting to think otherwise, and maybe
there could be better
uses of the opportunity to complete a large project.

Does anyone have any advice?  I want to do a project
involving
security and .net.   I've been recommend to do a
application to edit
the http request - like WebScarab however this has
been done many
times, and doesn't represent anything 'new'  and
while source code
auditors aren't new, they are less readily available
as open source
software.  This still is an option I might look
into, and taking it
off on a tangent some how, and doing more of a full
pen-test
application.

I welcome anyones advice.

Thank you

Ben


On 13/09/06, Stefano Zanero <zanero () elet polimi it>
wrote:
Hi Kish,

I realize I've been a bit too cryptic in my
answer:

Stefano :), you must see Security Forest's page
which
says RATS can audit C,C++,Perl,PHP & Python
source


code.(http://www.securityforest.com/wiki/index.php/Category:Source_Code_Scanners)

Yes, RATS _can_ audit PHP source. What I was
referring to is that web
app vulnerabilities have a different structure
than the vulnerabilities
you commonly audit C source code for.

For instance, you can detect candidates for buffer
overflow (along with
a bunch of false positives) through simple regexp
pattern matching. It's
way more difficult to detect with few false
positives candidates for SQL
injection.

The fact that RATS is able to handle PHP code is
not a synonym to the
fact that it can handle web-app vulnerabilities.

Stefano



------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download
Hailstorm for FREE.


http://www.cenzic.com/products_services/download_hailstorm.php


------------------------------------------------------------------------




------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download
Hailstorm for FREE.

http://www.cenzic.com/products_services/download_hailstorm.php

------------------------------------------------------------------------




__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]