|
WebApp Sec
mailing list archives
Re: Secure Source Code Analysis Parser/Tool
From: Adam Shostack <adam () homeport org>
Date: Tue, 29 Jun 2004 12:34:46 -0400
My bad, PreFIX and preFAST.
Adam
On Tue, Jun 29, 2004 at 09:29:48AM -0700, Michael Howard wrote:
| >> And then there are Prefix and Postfix, which are going to be in
| visual studio "whidbey."
|
| Prefast is in Whidbey Enterprise, beta1 one of which was release today
|
| http://lab.msdn.microsoft.com/vs2005/
|
| There's no tool I know of called Postfix!
|
| [Writing Secure Code 2nd Edition]
| http://www.microsoft.com/mspress/books/5957.asp
| [Protect Your PC] http://www.microsoft.com/protect
| [Blog] http://blogs.msdn.com/michael_howard
| [Annual Security Training]
| http://mste/training/offerings.asp?offeringid=7142
|
| -----Original Message-----
| From: Adam Shostack [mailto:adam () homeport org]
| Sent: Tuesday, June 29, 2004 8:33 AM
| To: Stan Guzik
| Cc: webappsec () securityfocus com
| Subject: Re: Secure Source Code Analysis Parser/Tool
|
| On Tue, Jun 29, 2004 at 11:04:42AM -0400, Stan Guzik wrote:
| | Hello,
| |
| | Does anyone of an open source secure source code analysis parser/tool?
| | I'm looking for a parser to run on ASP, ASP.NET, VB, and VB.NET. If
| the
| | tool is for another language that's OK. If you don't know of a tool
| any
| | good reference on how to write on is appreciated.
|
| Its not open source, but FXCop is the most MS oriented source security
| tool I know of. http://www.gotdotnet.com/team/fxcop/ And then there
| are Prefix and Postfix, which are going to be in visual studio
| "whidbey."
|
| There's RATS and Splint, which are open source tools for C, which
| aren't ASP, .NET, or VB.
|
| Adam
 By Date 
By Thread
Current thread:
- Re: Secure Source Code Analysis Parser/Tool, (continued)
|
Intro
