Category: Auditing » Source Code
'RatScan' is a security tool and front-end for the RATS scanner, which can check your source code for weaknesses, vulnerabilities and exploits. It can detect potentially dangerous coding practices and advise you on the risks and the various steps needed to secure your code further. It is compatible with multiple programming languages including PHP, C/C++, Perl and others.
RATS (Rough Auditing Tool for Security)
RATS, the Rough Auditing Tool for Security, is a security auditing utility for C and C++ code. RATS scans source code, finding potentially dangerous function calls. The goal of this project is not to definitively find bugs (yet). The current goal is to provide a reasonable starting point for performing manual security audits.
Fenris started as a binary code tracing utility, but since the first release, it gets more and more difficult to write a simple summary of its functionality. Fenris is a comprehensive multi-level code tracer, a bit of a C decompiler, an interactive modular debugger, a code analysis tool, an execution path visualisation tool, a function fingerprinting and symtab recovery tool - all depends on how you use it. Fenris is suitable for everything from bug tracking or protocol analysis to forensics and reverse engineering, doing all the mindless work for you and making your life a bit easier.
SecureCFM is dedicated to the audit of ColdFusion source code (CFML), in order to detect and then correct possible Cross Site Scripting vulnerabilities.
In Phrack 54, route|Mike Schiffman wrote a series of patches for OpenBSD 2.4 for Trusted Path Execution (TPE). Stephanie brings a modified version of these up to speed for OpenBSD 2.8 and 2.9, along with some additional features. Stephanie also brings restricted symbolic links, à la the openwall patches for Linux. As time permits, I'm still working on adding additional features, and will add bits of the openwall stuff I like. The basic goal is to add an extra layer of security without being a monumental pain in the ass to legitimate users, so some things won't be there. I haven't added the additional hard link restrictions of the openwall patch, but will do something about this later as time permits.
cqual is a type-based analysis tool for finding bugs in C programs. It extends the type system of C with extra user-defined type qualifiers. The programmer annotates their program with the appropriate qualifiers, and cqual checks for errors. Incorrect annotations indicate potential bugs. cqual presents the analysis results using Program Analysis Mode, an emacs-based GUI. Among other applications, cqual can be used to detect potential format-string vulnerabilities. It includes default configuration files to detect format-string bugs out-of-the-box.
(Update) Strace is a system call tracer, i.e. a debugging tool which prints out a trace of all the system calls made by another process/program. The program to be traced need not be recompiled for this, so you can use it on binaries for which you don't have source. System calls and signals are events that happen at the user/kernel interface. A close examination of this boundary is very useful for bug isolation, sanity checking and attempting to capture race conditions.
Source Code Scanner For File Race Conditions 1.0b
Programs sometimes contain unsafe file handling code, particularly that involving race conditions. These commonly occur where a check is performed on a file object (for existence, file owner, group or mode) and some use of the file is decided upon as a result. This can be insecure if changes occur affecting the file object between the check and the use. This will be a problem if the code contains the assumption that a check remains valid (a programming condition) and the file object concerned can actually be changed by an attacker (an environmental condition).
ITS4 is a command-line tool for statically scanning C and C++ source code for security vulnerabilities. ITS4 scans through source code for potentially dangerous function calls that are stored in a database. Anything that is in the database gets flagged. ITS4 tries to automate a lot of the grepping usually done by hand when performing security audits.
Strace for NT
Strace for NT is a debugging/investigation utility for examining the NT system calls made by a process. It is meant to be used like strace (or truss) on Linux and other Unix OSes.