Penetration Testing mailing list archives

Re: Source code auditing


From: Anders Thulin <anders.thulin () sentor se>
Date: Mon, 15 Feb 2010 09:23:30 +0100

On 2010-02-15 17:53, Oliver Kindernay wrote:

> want to start exploiting real applications (open source). I don't know
> how to start with finding bugs in application's source. I can use
> perl, grep, etc... for finding some static buffers, strcpys, etc.
> but it's good just for some explorative research. Could you post some
> sources where I can learn something about source code auditing?

  Google around.

  Some ideas for books that may be useful:

  Dowd et al.: Art of Software Security Assessment
  Anley et al.: Shellcoder's Handbook: Discovering and Exploiting Security Holes
  and similar titles, though I think Dowd's AoSSA is perhaps the best place to start
if you are able to learn by reading.

  There are also articles, like 'ITS4: A Static Vulnerability Scanner for C and C++ Code',
and projects, like PROTOS (see https://www.ee.oulu.fi/research/ouspg/Protos).

  You may also want to explore tools for static and dynamic analysis, such as
Microsoft Prefast, Gimpel Lint, Purify, and in general many of the tools listed
on http://en.wikipedia.org/wiki/List_of_tools_for_static_code_analysis  or
http://en.wikipedia.org/wiki/Dynamic_code_analysis.

-- 
Anders Thulin      anders.thulin () sentor se      070-757 36 10 / Intl. +46 70 757 36 10
