Oct 23, 2014

Video: BSides DC 2014



Source: https://www.youtube.com/playlist?list=PLWeT8XI0Y0X7MI_Q-nbG4JUKIGmvLhd3l


Oct 21, 2014

Tools: Findbugs + FindSecurityBugs - Java security static analysis tool

FindBugs

FindBugs is a program which uses static analysis to look for bugs in Java code. It is free software, distributed under the terms of the Lesser GNU Public License. The name FindBugs™ and the FindBugs logo are trademarked by The University of Maryland. FindBugs has been downloaded more than a million times.

Source: http://findbugs.sourceforge.net/

FindSecurityBugs
For those who don't know about it, FindSecurityBugs is a plugin for the Java static analysis tool FindBugs. This plugin consists of a set of rules that focus only on security weaknesses.

Source: http://blog.h3xstream.com/2014/10/find-security-bugs-new-version-and.html



Tools: RIPS (Static Source Code Analysis For PHP Vulnerabilities)

RIPS is a tool written in PHP to find vulnerabilities using static source code analysis for PHP web applications. By tokenizing and parsing all source code files, RIPS is able to transform PHP source code into a program model and to detect sensitive sinks (potentially vulnerable functions) that can be tainted by user input (influenced by a malicious user) during the program flow. Besides the structured output of found vulnerabilities, RIPS also offers an integrated code audit framework for further manual analysis.

Source: http://rips-scanner.sourceforge.net/



Tools: OWASP OWTF (Offensive Web Testing Framework)

OWASP OWTF is a project that aims to make security assessments as efficient as possible by automating the manual, uncreative part of pen testing.

Source: https://owtf.github.io/
