Re: Source code review/scanner

---

• From: "Nikhil Wagholikar" <visitnikhil@xxxxxxxxx>
• Date: Sat, 25 Aug 2007 21:40:08 +0530

---

Hello Xelerated,

You can have a look at tool called 'CodeScan' from 'codescanLABS'.
CodeScan is an advanced security tool designed to check web
application source code for security vulnerabilities.

Trial version is available for download.

More Information: http://www.codescan.com/product.html
Home Information: http://www.codescan.com/

---
Nikhil Wagholikar
Information Security Analyst
NII Consulting
Web: http://www.niiconsulting.com



On 8/21/07, xelerated <xelerated@xxxxxxxxx> wrote:

All,
Im looking for something for another dept. to help them review both
source code and web app code created by our developers. The main types
being VB and ASP.

Standard manual testing will still take place, but id like to get
something to check the obvious things before it goes into testing.
Can anyone recommend some tools for both aspects?
Due to separation of duties neither I or the others in network
security nor the developers
will be doing the source code testing. So im trying to find something
that works for those
with less than optimal security or coding knowledge.

Thanks for your input

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

---

• References:
  • Source code review/scanner
    • From: xelerated

• Prev by Date: RE: Webcams
• Next by Date: Assessing Adtran's AOS?
• Previous by thread: RE: Source code review/scanner
• Next by thread: Re: Source code review/scanner
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: PcLinux ... stolen source code which appeared for one of the Windows flavors a while ... How do you think security vulnerabilities ... spot vulnerabilities in Windows are those that illegally decompile it ... (rec.crafts.metalworking) Ruining Security with java.util.Random ... In my review practice I often have to look at Java source code which is used ... It is well-established in security industry that this particular ... vulnerabilities which cause the internal state of java.util.Random to be ... (Pen-Test) Re: PcLinux ... stolen source code which appeared for one of the Windows flavors a while ... How do you think security vulnerabilities ... spot vulnerabilities in Windows are those that illegally decompile it ... (rec.crafts.metalworking) Re: PcLinux ... stolen source code which appeared for one of the Windows flavors a while ... How do you think security vulnerabilities ... spot vulnerabilities in Windows are those that illegally decompile it ... (rec.crafts.metalworking) [Full-disclosure] CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net ... = CodeScan Advisory, codescan.com ... CodeScan Labs, has recently released a new source ... designed to check web application source code for security vulnerabilities. ... (Full-Disclosure)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > pen-test  > 2007-08