WebApp Sec mailing list archives
Re: Secure Source Code Analysis Parser/Tool
From: Adam Shostack <adam () homeport org>
Date: Tue, 29 Jun 2004 12:34:46 -0400
My bad, PreFIX and preFAST. Adam On Tue, Jun 29, 2004 at 09:29:48AM -0700, Michael Howard wrote: | >> And then there are Prefix and Postfix, which are going to be in | visual studio "whidbey." | | Prefast is in Whidbey Enterprise, beta1 one of which was release today | | http://lab.msdn.microsoft.com/vs2005/ | | There's no tool I know of called Postfix! | | [Writing Secure Code 2nd Edition] | http://www.microsoft.com/mspress/books/5957.asp | [Protect Your PC] http://www.microsoft.com/protect | [Blog] http://blogs.msdn.com/michael_howard | [Annual Security Training] | http://mste/training/offerings.asp?offeringid=7142 | | -----Original Message----- | From: Adam Shostack [mailto:adam () homeport org] | Sent: Tuesday, June 29, 2004 8:33 AM | To: Stan Guzik | Cc: webappsec () securityfocus com | Subject: Re: Secure Source Code Analysis Parser/Tool | | On Tue, Jun 29, 2004 at 11:04:42AM -0400, Stan Guzik wrote: | | Hello, | | | | Does anyone of an open source secure source code analysis parser/tool? | | I'm looking for a parser to run on ASP, ASP.NET, VB, and VB.NET. If | the | | tool is for another language that's OK. If you don't know of a tool | any | | good reference on how to write on is appreciated. | | Its not open source, but FXCop is the most MS oriented source security | tool I know of. http://www.gotdotnet.com/team/fxcop/ And then there | are Prefix and Postfix, which are going to be in visual studio | "whidbey." | | There's RATS and Splint, which are open source tools for C, which | aren't ASP, .NET, or VB. | | Adam
Current thread:
- Secure Source Code Analysis Parser/Tool Stan Guzik (Jun 29)
- Re: Secure Source Code Analysis Parser/Tool Adam Shostack (Jun 29)
- Re: Secure Source Code Analysis Parser/Tool exon (Jun 29)
- RE: Secure Source Code Analysis Parser/Tool Mark Curphey (Jun 29)
- Re: Secure Source Code Analysis Parser/Tool Ron Espiritu (Jun 29)
- <Possible follow-ups>
- RE: Secure Source Code Analysis Parser/Tool Michael Howard (Jun 29)
- Re: Secure Source Code Analysis Parser/Tool Adam Shostack (Jun 29)
- RE: Secure Source Code Analysis Parser/Tool Kline, Nathan C - CIEP-3 (Jun 29)
- RE: The Right Approach to Web Developer Education Yaakov Yehudi (Jun 30)