oss-sec mailing list archives

Re: Security vulnerability tools

From: Murray McAllister <mmcallis () redhat com>
Date: Thu, 28 Mar 2013 11:20:40 +1100

On 03/28/2013 06:54 AM, Corey Bryant wrote:

Hi,

I'd like to get a better understanding of tools used in the open source
community (kernel and user space) to detect security vulnerabilities.

I have a list below to get started.  If anyone has any input, I'd
appreciate it!

I'll plan on updating http://oss-security.openwall.org/wiki/tools with
anything it doesn't already have.

Hi,

I am sometimes using Splint. From http://www.splint.org/ "Splint is atool for statically checking C programs for security vulnerabilities andcoding mistakes. With minimal effort, Splint can be used as a betterlint. If additional effort is invested adding annotations to programs,Splint can perform stronger checking than can be done by any standard lint."


Cheers.

Current thread:

Security vulnerability tools Corey Bryant (Mar 27)
- Re: [kernel-hardening] Security vulnerability tools Tim Brown (Mar 27)
  - Re: Re: [kernel-hardening] Security vulnerability tools Corey Bryant (Mar 27)
    - Re: Re: [kernel-hardening] Security vulnerability tools Steve Grubb (Mar 28)
    - Re: Re: [kernel-hardening] Security vulnerability tools Tim Brown (Mar 28)
- Re: Security vulnerability tools Solar Designer (Mar 27)
  - Re: [kernel-hardening] Re: Security vulnerability tools Corey Bryant (Mar 27)
    - Re: Security vulnerability tools Solar Designer (Mar 28)
- Re: Security vulnerability tools Russ Allbery (Mar 27)
  - Re: Security vulnerability tools Corey Bryant (Mar 27)
- Re: Security vulnerability tools Murray McAllister (Mar 27)
- Re: Security vulnerability tools Andreas Ericsson (Mar 28)
- Re: Security vulnerability tools Corey Bryant (Mar 29)
  - Re: Re: Security vulnerability tools Raphael Geissert (Mar 29)