Penetration Testing mailing list archives
Re: Secure Code review for JAVA applications
From: "Nathaniel Hirsch" <morgothan () gmail com>
Date: Thu, 24 Apr 2008 11:16:25 -0400
Im not sure of any opensource tools for it, but at work we use fortify sca. http://www.fortify.com/products/sca/ Im not sure on the price we payed for it, as that decision is above my pay grade, but I heard it was a lot. I know they have some sort of training that you can take, that will give you a lab license for a year, so you can play around with it. I assume that is significantly less then the whole price. On Thu, Apr 24, 2008 at 2:57 AM, pentestr <pentestr () gmail com> wrote:
Hi hack3r$, I am new into secure code review. I would like to know 1. any sample application for secure code review (like webgoat and hackme books for pen testing of application). 2. Open source secure code review tools for JAVA applications? Thanks&Rgds P.T. ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
-- Nathaniel Hirsch, CISSP ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- Secure Code review for JAVA applications pentestr (Apr 24)
- Re: Secure Code review for JAVA applications Nathaniel Hirsch (Apr 25)