Search Results for "hpc code analysis"

VM was built to provide “Executable architecture” for Java Static Application Security Testing (SAST) scanning and vulnerabilities remediation - as proof-of-concept and quick start or learning environment for the Java developers/security experts looking to enhance code quality and security by applying open-source static code analysis tool. I used SonarCube Community Edition V10.6 (latest free edition) against the latest codebase of the OWASP WebGoat - both real-life project with considerable...

FACPL: a Java-based library for the specification and enforcement of Access Control policies - Attribute-based Access Control Policies - Advanced features for the management of, e.g., combining algorithms and missing attributes - Generation of XACML code starting from FACPL code - Generation of FACPL code starting from XACML code Source Code: https://github.com/andreamargheri/FACPL/

WAP automatic detects and corrects input validation vulnerabilities in web applications written in PHP Language (version 4.0 or higher) and with a low rate of false positives. WAP detects the following vulnerabilities: - SQL injection using MySQL, PostgreSQL and DB2 DBMS - Reflected cross-site scripting (XSS) - Stored XSS - Remote file inclusion - Local file inclusion - Directory traversal - Source code disclosure - OS command injection - PHP code injection WAP is a static...

PHParser 1.2 generates a pure Java parser for PHP programs. Invoking this parser yields an explicit parse tree (AST) and a tree walker suitable for further analysis. This tool package is based upon: - ANTLR 3.2 or higher (www.antlr.org). - JDK 1.6 or higher (java.sun.com). - Grammar specifications of PHP 5.3.

CesTa (Code Enhancing Security Transformation and Analysis) is a tool for enhancing security by program transformations. Focused on Smart Cards (Java Card in particular), powered by Ant, ANTLR and StringTemplates.

A suite of source and binary programs to test the capabilities of code analysis tools. A reference implementation of x86 binary analysis in C# is also included.

InsecureWebApp is a web app that includes common web application vulnerabilities including SQL&Html Injection- see owasp.org. It is a target for automated and manual penetration testing, source code analysis, vulnerability assessments and threat modeling.

Web Server Protection and Analysis Tool

KF Checker infers information flow rules from source code. The rules obtained in this way are used to create a theory which it then exploited to prove that information flow policies are respected.