Secure Coding mailing list archives
LAPSE: code auditing tool for Java
From: livshits at cs.stanford.edu (Benjamin Livshits)
Date: Fri, 11 Aug 2006 11:41:46 -0700
We are happy to announce the first public release of LAPSE: a source code security scanner for Java. LAPSE is an Eclipse plugin that helps automate the code review process for Java J2EE applications. LAPSE is inspired by existing lightweight security auditing tools such as RATS, pscan, and FlawFinder. Unlike those tools, however, LAPSE addresses Web applications vulnerabilities such as SQL injection, cross-site scripting, path traversal, etc. LAPSE is not intended as a comprehensive solution for Web application security, but rather as an aid in the code review process. More information about LAPSE can be found at http://suif.stanford.edu/~livshits/work/lapse/ Enjoy. -Ben http://www.stanford.edu/~livshits/
Current thread:
- LAPSE: code auditing tool for Java Benjamin Livshits (Aug 11)