Black-box and white-box testing tools
http://en.wikipedia.org/wiki/List_of_tools_for_static_code_analysis
C/C++
1. flawfinder
http://www.dwheeler.com/flawfinder/
2. Bunny the Fuzzer (fuzzer function)
http://code.google.com/p/bunny-the-fuzzer/wiki/BunnyDoc
3. rats
http://www.fortify.com/security-resources/rats.jsp
JAVA/JSP
1. findbugs
http://findbugs.sourceforge.net/
2. LAPSE (Eclipse plugin)
http://suif.stanford.edu/~livshits/work/lapse/
PHP
1. Pixy
http://pixybox.seclab.tuwien.ac.at/pixy/
2. swaat
http://www.securitycompass.com/swaat/
Addison Wesley – Secure Programming with Static Analysis – 2007.pdf
Art.of.Software.Security.Assessment.chm
Two Java source code checking tools that we use quite often: findbugs and checkstyle
Directions for PHP code audits
Below is a list of source code auditing tools [reposted from the web]
Name – [ language/s supported ] – web link:
.TEST – [ C#, VB.NET, MC++ ] – http://www.parasoft.com/jsp/products.jsp
ASTRéE – [ C ] – http://www.astree.ens.fr
Bandera – [ Java ] – http://bandera.projects.cis.ksu.edu/
BLAST – [ C ] – http://mtc.epfl.ch/software-tools/blast/
BOON – [ C ] – http://www.cs.berkeley.edu/~daw/boon/
C Code Analyzer (CCA) – [ C ] – http://www.drugphish.ch/~jonny/cca.html
C++test – [ C++ ] – http://www.parasoft.com/jsp/products.jsp
CCMetrics – [ C#, VB.NET ] – http://www.serviceframework.com/jwss/utility,ccmetrics,utility.aspx
Checkstyle – [ Java ] – http://checkstyle.sourceforge.net/
CodeCenter – [ C ] – http://www.ics.com/products/centerline/codecenter/features.html
CodeScan – [ .ASP, PHP ] – http://www.codescan.com/
CodeSecure – [ PHP, Java ] – http://www.armorize.com/corpweb/en/products/codesecure
CodeSonar – [ C, C++ ] – http://www.grammatech.com/products/codesonar/overview.html
CQual – [ C ] – http://www.cs.umd.edu/~jfoster/cqual
Csur – [ C ] – http://www.lsv.ens-cachan.fr/csur/
Dehydra – [ C++ ] – http://wiki.mozilla.org/Dehydra_GCC
DevInspect – [ C#, Visual Basic, JavaScript, VB Script] – http://www.spidynamics.com/products/devinspect/
DevPartner SecurityChecker – [ C#, Visual Basic ] – http://www.compuware.com/products/devpartner/securitychecker.htm
DoubleCheck – [ C, C++ ] – http://www.ghs.com/products/doublecheck.html
FindBugs – [ Java ] – http://findbugs.sourceforge.net/
FlawFinder – [ C, C++ ] – http://www.dwheeler.com/flawfinder/
Fluid – [ Java ] – http://www.fluid.cs.cmu.edu/
Frama-C – [ C ] – http://frama-c.cea.fr/
ftnchek – [ FORTRAN ] – http://www.dsm.fordham.edu/~ftnchek/
FxCop – [ .NET ] – http://code.msdn.microsoft.com/codeanalysis
g95-xml – [ FORTRAN ] – http://g95-xml.sourceforge.net/
ITS4 – [ C, C++ ] – http://www.cigital.com/its4/
Jlint – [ Java ] – http://artho.com/jlint/
JsLint – [ JavaScript ] – http://www.jslint.com/
Jtest – [ Java ] – http://www.parasoft.com/jsp/products.jsp
KlocWork / K7 – [ C, C++, Java ] – http://www.klocwork.com/products/k7_security.asp
LAPSE – [ Java ] – http://www.owasp.org/index.php/Category:OWASP_LAPSE_Project
MOPS – [ C ] – http://www.cs.berkeley.edu/~daw/mops/
MSSCASI – [ ASP ] – http://www.microsoft.com/downloads/details.aspx?FamilyId=58A7C46E-A599-4FCB-9AB4-A4334146B6BA&displaylang=en
MZTools – [ VB6, VBA ] – http://www.mztools.com/index.aspx/
Oink – [ C++ ] – http://www.cubewano.org/oink
Ounce – [ C, C++, Java, JSP, ASP.NET, VB.NET, C# ] – http://www.ouncelabs.com/accurate-complete-results.html
Perl-Critic – [ Perl ] – http://search.cpan.org/dist/Perl-Critic/
PLSQLScanner 2008 – [ PLSQL ] – http://www.red-database-security.com/software/plsqlscanner.html
PHP-Sat – [ PHP ] – http://www.program-transformation.org/PHP/PhpSat
Pixy – [ PHP ] – http://pixybox.seclab.tuwien.ac.at/pixy/index.php
PMD – [ Java ] – http://pmd.sourceforge.net/
PolySpace – [ Ada, C, C++ ] – http://www.polyspace.com/products.htm
PREfix & PREfast – [ C, C++ ] – http://support.microsoft.com/vst
Prevent – [ C, C++ ] – http://www.coverity.com/html/coverity-software-quality-products.html
PyChecker – [ Python ] – http://pychecker.sourceforge.net/
pylint – [ Python ] – http://www.logilab.org/project/pylint
QA-C, QA-C++, QA-J – [ C, C++, Java, FORTRAN ] – http://www.programmingresearch.com/PRODUCTS.html
QualityChecker – [ Visual Basic 6 ] – http://d.cr.free.fr/
RATS – [ C, C++, Perl, PHP, Python ] – http://www.fortify.com/security-resources/rats.jsp
RSM – [ C, C++, C#, Java ] – http://msquaredtechnologies.com/m2rsm/
Smatch – [ C ] – http://smatch.sourceforge.net/
SCA – [ ASP.NET, C, C++, C#, Java, JSP, PL/SQL, T-SQL, VB.NET, XML ] – http://www.fortifysoftware.com/products/sca/
Skavenger – [ PHP ] – http://code.google.com/p/skavenger/
smarty-lint – [ PHP ] – http://code.google.com/p/smarty-lint/
soot – [ Java ] – http://www.sable.mcgill.ca/soot/
Source Monitor – [ C#, VB.NET ] – http://www.campwoodsw.com/sm20.html
SPARK – [ Ada ] – http://www.praxis-his.com/sparkada/spark.asp
Spike PHP Security Audit Tool – [ PHP ] – http://developer.spikesource.com/projects/phpsecaudit/
Splint – [ C ] – http://www.splint.org/
SWAAT – [ PHP, ASP.NET, JSP, Java ] – http://www.owasp.org/index.php/Category:OWASP_SWAAT_Project
UNO – [ C ] – http://spinroot.com/uno/
vil – [ C#, VB.NET ] – http://www.1bot.com/
Viva64 – [ C++ ] – http://www.viva64.com/
xg++ – [ C ] – http://www.stanford.edu/~engler/mc-osdi.pdf
YTKScan Java – [ Java ] – http://www.cam.org/~droujav/y2k/Y2KScan.html
Tools that support PHP:
CodeScan – [ .ASP, PHP ] – http://www.codescan.com/
CodeSecure – [ PHP, Java ] – http://www.armorize.com/corpweb/en/products/codesecure
PHP-Sat – [ PHP ] – http://www.program-transformation.org/PHP/PhpSat
Pixy – [ PHP ] – http://pixybox.seclab.tuwien.ac.at/pixy/index.php
RATS – [ C, C++, Perl, PHP, Python ] – http://www.fortify.com/security-resources/rats.jsp
Skavenger – [ PHP ] – http://code.google.com/p/skavenger/
smarty-lint – [ PHP ] – http://code.google.com/p/smarty-lint/
Spike PHP Security Audit Tool – [ PHP ] – http://developer.spikesource.com/projects/phpsecaudit/
SWAAT – [ PHP, ASP.NET, JSP, Java ] – http://www.owasp.org/index.php/Category:OWASP_SWAAT_Project
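In addition there is Fortify – http://www.fortifysoftware.com [if there are more, please help add them]
At present, PHP source code auditing tools are basically all static analyzers, and source code auditing has always revolved around two elements: variables and functions. In other words, whether these tools are written in PHP or in Java, and whether or not they work on the PHP source code itself, each one keeps a `dictionary` [signature strings] of dangerous functions and variables. The tools analyze code by looking up these dictionaries and then tracing variables.
However, as programmers' security awareness has improved, many of them now know these `dictionaries` as well and filter accordingly, so those traditional problems are hard to find in large applications. Only by expanding our dictionaries do we get more chances to find vulnerabilities in applications. The ways to do that are:
* Analyze and learn from vulnerabilities or exploits found by others, such as the issues discovered by the expert Stefan Esser and the exploits rgod and others published in the past
* Learn the `characteristics` of PHP functions by studying the PHP manual or the official documentation
* Fuzz PHP functions to find new problematic functions [not necessarily overflows]
* Analyze the PHP source code to discover new vulnerable function `characteristics` or vulnerabilities
* When you have the means or the opportunity, learn from developers to find defects or easily overlooked problems in the code they write to implement common functionality
* Do you have anything to add?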
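The dictionary-plus-variable-tracing approach described above, and the effect of expanding the dictionary, can be seen in a small scanner. This is an added example, not code from any of the tools listed; the dictionaries, the function names `is_tainted` and `scan`, and the PHP sample are all constructed for illustration.

```python
import re

# Illustrative dictionaries, assumed for this example (not taken from any tool).
SOURCES = {"$_GET", "$_POST", "$_COOKIE", "$_REQUEST"}
SINKS = {"eval": "code execution", "system": "command execution",
         "include": "file inclusion", "mysql_query": "SQL injection"}
SANITIZERS = ("intval", "escapeshellarg", "mysql_real_escape_string")

VAR = re.compile(r"\$\w+")
ASSIGN = re.compile(r"^\s*(\$\w+)\s*=(?!=)\s*(.+);\s*$")
CLEAN = re.compile(r"\b(?:%s)\s*\([^()]*\)" % "|".join(SANITIZERS))

def is_tainted(expr, tainted):
    """True if expr uses a source or tainted variable outside a sanitizer call."""
    expr = CLEAN.sub("", expr)
    return any(v in SOURCES or v in tainted for v in VAR.findall(expr))

def scan(php, sinks=SINKS):
    """Return (line_no, sink, risk) for each tainted value reaching a sink."""
    tainted, findings = set(), []
    for no, line in enumerate(php.splitlines(), 1):
        for name, risk in sinks.items():
            m = re.search(r"\b%s\b\s*\(?(.*)" % re.escape(name), line)
            if m and is_tainted(m.group(1), tainted):
                findings.append((no, name, risk))
        m = ASSIGN.match(line)
        if m:  # propagate or clear taint through simple assignments
            var, rhs = m.groups()
            if is_tainted(rhs, tainted):
                tainted.add(var)
            else:
                tainted.discard(var)
    return findings

# Constructed sample input.
SAMPLE = """<?php
$id = $_GET['id'];
$safe = intval($_GET['id']);
$name = $_GET['page'];
mysql_query("SELECT * FROM t WHERE id=$safe");
mysql_query("SELECT * FROM t WHERE id=$id");
include($name . ".php");
system("ls " . escapeshellarg($_POST['dir']));
$prefs = unserialize($_COOKIE['prefs']);
"""

if __name__ == "__main__":
    print(scan(SAMPLE))  # base dictionary
    print(scan(SAMPLE, {**SINKS, "unserialize": "object injection"}))
```

With the base dictionary, the `unserialize` call on line 9 goes unreported. It is only flagged once that function is added to the sink dictionary.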