RE: J2EE Application Security Code Review

Subject: RE: J2EE Application Security Code Review
Date: Fri, 28 Oct 2005 17:21:48 +0530


Hi Yousef,

You can download the FindBugs tool from the URL below:

http://sourceforge.net/project/showfiles.php?group_id=96405

More information about this tool is available at the following URL:

http://findbugs.sourceforge.net/

Sample output of FindBugs is available at the following URL:

http://findbugs.sourceforge.net/commons-modeler.html


The above tools will help you in detecting security issues in Java code ...


Regards
Prashant

-----Original Message-----
From: Yousef Syed [mailto:yousef.syed@gmail.com]
Sent: Friday, October 28, 2005 3:33 PM
To: Web Application Security
Subject: J2EE Application Security Code Review

Hi,
I've been tasked with performing a Code Review for Security on a
J2EE Application's code.
Though I've taken part in numerous Code Reviews, I've never done one
searching for Security issues.

Can someone please advise me on what I should be looking for?
Where can I get further information on the procedure that should be
followed?
Are there any Standards/Best Practices for Securing J2EE applications?

Thanks,
ys

--
Yousef Syed

