Code analysis and security audit (tools)

Software | RATS - Rough Auditing Tool for Security

https://www.fortify.com/ssa-elements/threat-intelligence/rats.html

RATS (Rough Auditing Tool for Security) is an open source tool developed and maintained by Secure Software security engineers; Secure Software was acquired by Fortify Software, Inc. RATS scans C, C++, Perl, PHP and Python source code and flags common security-related programming errors such as buffer overflows and TOCTOU (Time Of Check, Time Of Use) race conditions.
Yasca - Scovetta.com
http://www.scovetta.com/yasca.html

Yasca is designed to be very flexible and easy to extend. In fact, writing a new rule is as easy as coming up with a regular expression, the file extensions it applies to, and the name of your new rule. Place that information in a text file in the plugin directory, and run Yasca!

Pixy
Graudit - Just Another Hacker
http://www.justanotherhacker.com/projects/graudit.html

Graudit is a simple script with signature sets that lets you find potential security flaws in source code using the GNU utility grep. It is comparable to other static analysis applications such as RATS, SWAAT and Flawfinder while keeping the technical requirements to a minimum and remaining very flexible. Graudit is available from GitHub: see the project page, or check it out directly using git from git://github.com/wireghoul/graudit.git

FindBugs™ - Find Bugs in Java Programs
http://findbugs.sourceforge.net/

This is the web page for FindBugs, a program which uses static analysis to look for bugs in Java code. It is free software, distributed under the terms of the GNU Lesser General Public License. The name FindBugs™ and the FindBugs logo are trademarked by The University of Maryland.

PMD
http://pmd.sourceforge.net/

PMD is integrated with JDeveloper, Eclipse, JEdit, JBuilder, BlueJ, CodeGuide, NetBeans/Sun Java Studio Enterprise/Creator, IntelliJ IDEA, TextPad, Maven, Ant, Gel, JCreator, and Emacs.
Jlint
http://artho.com/jlint/

Jlint 3.0: Jlint will check your Java code and find bugs, inconsistencies and synchronization problems by doing data flow analysis and building the lock graph. Jlint is extremely fast: even on large projects, it requires only one second to check all classes! It is easy to learn and requires no changes to the class files. Jlint has been used in an industrial environment and has successfully uncovered faults with little effort. This version of Jlint is the extended version, featuring some improved synchronization checks.

SecCom Labs » Java
http://labs.securitycompass.com/category/platform/java/

In the last entry in the cultural challenges in application security series, we introduced the incompetent developer problem. In this entry, we'll describe some techniques to help resolve the incompetent developer problem. We described a scenario where Steve, the application security lead, sat down with Julio, a developer, to explain a secure SDLC program. Steve was…

cppcheck
http://sourceforge.net/apps/mediawiki/cppcheck/index.php?title=Main_Page

Cppcheck is an analysis tool for C/C++ code. Unlike C/C++ compilers and many other analysis tools, it does not detect syntax errors. Cppcheck only detects the types of bugs that compilers normally fail to detect. The goal is no false positives. It is unlikely that you will find all the bugs in your software through testing and instrumenting alone.

JavaScript Lint
http://www.javascriptlint.com/

JavaScript Lint holds an advantage over competing lints because it is based on the JavaScript engine of the Firefox browser. This provides a robust framework that can not only check JavaScript syntax but also examine the coding techniques used in the script and warn against questionable practices.
Is there a static code analyzer [like Lint] for PHP files? - Stack Overflow
http://stackoverflow.com/questions/378959/is-there-a-static-code-analyzer-like-lint-for-php-files

For static analysis, there are php-sat, php-ast, PHP_Depend and PHP_CodeSniffer, that I know of. These are fairly high level tools; you can also dabble in stuff like PHP_Parser or the more primitive token_get_all function. Finally, you can also run php in lint mode (php -l FILENAME) from the command line. It will check the file for valid syntax (e.g. parse it), but won't execute it. There are also some runtime analysis options, which are more useful for some things, because of PHP's dynamic nature.

php-ast - Trac

PHP-AST/ORACLE is a C++ framework that allows users to perform many different operations on source code. The tool has been developed mainly for:
php-oracle takes an XML file as input, which is the output of php-ast.

Track your dependencies with PHP_Depend - Manuel Pichler

To provide flexible and extensible software, it is good OO practice to reduce the dependencies between implementing classes. This can be achieved by developing against abstractions, meaning both abstract classes and interfaces. By using abstractions instead of concrete implementations in the application, you provide a sort of contract that others can use to hook into the application with their own classes that fulfil the contract. Besides extensibility, a good abstraction reduces the risk of breaks in multiple subsystems when something changes in a single package. But how do you get rid of all these dependencies? Doing this by hand becomes an impossible job, at least for larger projects.

Xdebug - Debugger and Profiler Tool for PHP

Xdebug 2.2.0RC2 is out! This is the second release candidate of Xdebug 2.2, which addresses a few things that were found in the first release candidate. The full change log can be found on the updates page, and the source code and Windows binaries can be found on the downloads page. Please note that this is a release candidate and not guaranteed to be free of bugs. If you have issues, please file them in the issue tracker.

PECL :: Package :: xhprof

XHProf is a function-level hierarchical profiler for PHP with a simple HTML-based navigational interface. The raw data collection component is implemented in C (as a PHP extension); the reporting/UI layer is all in PHP. It can report function-level inclusive and exclusive wall times, memory usage, CPU times and number of calls for each function. Additionally, it supports comparing two runs (hierarchical DIFF reports) and aggregating results from multiple runs.

troelskn's php-tracer-weaver at master - GitHub

php-tracer-weaver is a tool for analysing parameter types in PHP code, using a combination of static and runtime analysis. It relies on the xdebug extension to trace function calls. The result of the analysis can then be used to generate docblock comments with the proper type annotations. Usage: the basic usage of tracer-weaver is to write a piece of code that exercises the code you want to analyse (if you have unit tests or examples, they are good candidates).