Network Security: Detailed info on Re: Rules on security issues for static code analizers of Java

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Web-App-Sec

[Top] [All Lists]

Re: Rules on security issues for static code analizers of Java

from [Justin Clarke] Network Security

[Permanent Link]

Subject:	Re: Rules on security issues for static code analizers of Java
Date:	Tue, 20 Dec 2005 19:40:11 -0500

<plug>
For SQL injection rules for PMD have at look at Network Security Tools 
http://www.oreilly.com/catalog/networkst/
</plug>

The freely downloadable examples have some SQL injection rules - these
were built for one of the chapters by one of the contributing authors
(Joe Hemler).

Justin

On Tue, 2005-12-20 at 10:13 -0600, Juan C Calderon wrote:

Hello all

Could somebody provide some rules to detect Cross Site
Scripting and Sql Injection attacks in source code
using static analizers for Java such as Hammurapi or
PMD.

Also, if you can recommend a Source Code Static
Analizer for C# that would help me a lot.

Regards,
JC


__________________________________________________
Correo Yahoo!
Espacio para todos tus mensajes, antivirus y antispam Âgratis! 
RegÃstrate ya - http://correo.espanol.yahoo.com/

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Rules on security issues for static code analizers of Java, Juan C Calderon Re: Rules on security issues for static code analizers of Java, Justin Clarke <= RE: Rules on security issues for static code analizers of Java, Burke, Charles RE: Rules on security issues for static code analizers of Java, Kline,Nathan C - JDI

Previous by Date:	Re: Tool for source code review, Adam Shostack
Next by Date:	RE: New OWASP project - PCI Web Security Standards, Justin Derry
Previous by Thread:	Rules on security issues for static code analizers of Java, Juan C Calderon
Next by Thread:	RE: Rules on security issues for static code analizers of Java, Burke, Charles
Indexes:	[Date] [Thread] [Top] [All Lists]