List of source-code scanning tools/software

Posted by dingonet on 2010-01-19

For our purposes, a source code security analyzer examines source code to detect and report weaknesses that can lead to security vulnerabilities. They are one of the last lines of defense to eliminate software vulnerabilities during development or after deployment. A Source Code Security Analysis Tool Functional Specification is available. Byte Code Scanners and Binary Code Scanners have similarities, but work at lower levels.

Some Instances

DISCLAIMER: Certain trade names and company products are mentioned in the text or identified. In no case does such identification imply recommendation or endorsement by the National Institute of Standards and Technology (NIST), nor does it imply that the products are necessarily the best available for the purpose. By selecting almost any of these links, you will be leaving NIST webspace. We provided these links because they may have information of interest to you. No inferences should be drawn because some sites are referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the assertions presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites.

Tool | Language(s) | Avail. | Finds or Checks for | Date
---- | ----------- | ------ | ------------------- | ----
ASTRÉE | C | contact | undefined code constructs or run-time errors, e.g., out-of-bounds array indexing or arithmetic overflow | 1 Mar 2007
BOON (~daw/boon/) | C | free | integer range analysis determines if an array can be indexed outside its bounds | 15 Feb 2005
Bugle | any: C, Java, PHP, Perl, ASP, etc. | free | uses Google Code Search to find bug patterns in open source software; see the Auto control panel, too | 3 Dec 2007
C Code Analyzer (~jonny/cca.html) (CCA) | C | free | out-of-bounds array indexing or arithmetic overflow; aims for no false positives | 20 Apr 2006
C++test | C++ | Parasoft | "defects, poor constructs, potentially malicious code and other elements" | 4 Apr 2006
.TEST | C#, VB.NET, MC++ | Parasoft | "defects, poor constructs, potentially malicious code and other elements" | 4 Apr 2006
Jtest | Java | Parasoft | "defects, poor constructs, potentially malicious code and other elements" | 4 Apr 2006
WebKing | HTML | Parasoft | "defects, poor constructs, potentially malicious code and other elements" | 4 Apr 2006
CodeCenter | C | CenterLine Systems | incorrect pointer values, illegal array indices, bad function arguments, type mismatches, and uninitialized variables | 28 Oct 2005
CodeScan | .ASP, PHP | CodeScan Labs | … security holes and source code issues … | 10 Oct 2006
CodeSecure | PHP, Java (ASP.NET soon) | Armorize Technologies | XSS, SQL injection, command injection, tainted data flow, etc. | 16 Mar 2007
CodeSonar | C, C++ | GrammaTech | null-pointer dereferences, divide-by-zeros, buffer over- and underruns | 21 Mar 2005
CQual (~jfoster/cqual) | C | free | uses type qualifiers to perform a taint analysis, which detects format string vulnerabilities | 15 Feb 2005
Csur | C | free | cryptographic protocol-related vulnerabilities | 10 Apr 2006
DevInspect (products/devinspect/) | C#, Visual Basic, JavaScript, VBScript | SPI Dynamics | application vulnerabilities | 21 Dec 2004
DevPartner SecurityChecker (products/devpartner/securitychecker.htm) | C#, Visual Basic | Compuware | known and potential security vulnerabilities | 10 Oct 2006
DoubleCheck | C, C++ | Green Hills Software | buffer overflows, resource leaks, invalid pointer references, and violations of … MISRA | 09 Jul 2007
Eau Claire | C | unk | array bounds errors, null pointer dereferences, string functions | 15 Feb 2005
Flawfinder | C/C++ | free | uses of risky functions: buffer overflow (strcpy()), format string ([v][f]printf()), race conditions (access(), chown(), and mktemp()), shell metacharacters (exec()), and poor random numbers (random()) | 2005
Fluid | Java | | "analysis based verification" for attributes such as race conditions, thread policy, and object access, with no false negatives | 28 Oct 2005
ITS4 | C, C++ | free for non-competing uses | potentially dangerous function calls, with risk analysis of some | 11 Feb 2005
Jlint | Java | free | bugs, inconsistencies and synchronization problems | 3 Feb 2006
K7 (products/k7_security.asp) | C, C++, and Java | Klocwork | access problems, buffer overflow, injection flaws, insecure storage, unvalidated input, etc. | 6 July 2005
LAPSE | Java | free | helps audit Java J2EE applications for common types of security vulnerabilities found in Web applications | 19 Sep 2006
Ounce (accurate-complete-results.html) | C, C++, Java, JSP, ASP.NET, VB.NET, C# | Ounce Labs | coding errors, security vulnerabilities, design flaws, policy violations; offers remediation | 19 Apr 2007
Qualitychecker | VB6 | 10 Euros / file | static analysis tool | 4 Sep 2007
PHP-Sat | PHP | free | static analysis tool: XSS, etc.; description at http://ericbouwers.blogspot.com/ | 18 Sep 2006
Pixy | PHP | free | static analysis tool; detects only XSS and SQL injection | 20 Jun 2007
PMD | Java | free | questionable constructs, dead code, duplicate code | 3 Feb 2006
PolySpace | Ada, C, C++ | PolySpace Technologies | run-time errors, unreachable code | 25 Feb 2005
PREfix and PREfast (http://research.microsoft.com/users/jpincus/icsm.ppt) | C, C++ | Microsoft proprietary | | 10 Feb 2006
Prevent | C, C++ | Coverity | flaws and security vulnerabilities; reduces false positives while minimizing the likelihood of false negatives | 11 Mar 2005
QA-C, QA-C++, QA-J, QA-FORTRAN, QA-High-Integrity C | C, C++, Java, FORTRAN | Programming Research | out-of-bounds array indexing | 10 Dec 2004
RATS (Rough Auditing Tool for Security) (http://www.securesoftware.com/resources/tools.html) | C | free | potential security risks | 2005
Resource Standard Metrics (RSM) | C, C++, C#, and Java | M Squared Technologies | scans for 50 readability or portability problems or questionable constructs, e.g. a different number of "new" and "delete" keywords, or an assignment operator (=) in a conditional (if) | 10 Dec 2004
Smatch | C | free | simple scripts look for problems in a simplified representation of the code; primarily for Linux kernel code | 20 Apr 2006
SCA | ASP.NET, C, C++, C# and other .NET languages, Java, JSP, PL/SQL, T-SQL, VB.NET, XML | Fortify Software | security vulnerabilities, tainted data flow, etc. | 21 Apr 2006
SPARK tool set | SPARK (Ada subset) | Praxis | ambiguous constructs, data- and information-flow errors, any property expressible in first-order logic (Examiner, Simplifier, and SPADE) | 29 Aug 2006
Splint | C | free | security vulnerabilities and coding mistakes; with annotations, it performs stronger checks | 2005
SWAAT | PHP, ASP.NET, JSP | free | open source web application source code analysis tool | 2007
UNO | C | free | uninitialized variables, null pointers, and out-of-bounds array indexing; "allows for the specification and checking of a broad range of user-defined properties"; aims for a very low false alarm rate | 3 Feb 2006
Viva64 | C++ | Viva64 | problems in porting to 64-bit architectures, e.g. out-of-bounds indexing or arithmetic overflow | 07 Feb 2007
xg++ (~engler/mc-osdi.pdf) | | | |
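The Flawfinder, ITS4 and RATS rows describe the simplest class of tool in the table: a lexical scan for calls to known-risky functions, without data-flow or taint analysis. The following is an added example, not code from NIST or from any of the listed tools, showing how such a scanner works and where its precision comes from: comments and string literals are consumed as single tokens so a function name inside them is never reported, an identifier is only reported when it is actually called, and a printf-family call with a string-literal format is suppressed because a constant format cannot be attacker-controlled. The rule table and the C input are constructed for this illustration; the weakness labels follow the categories in the Flawfinder row.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Rule table (an assumption for this example): function name -> (weakness, note).
RULES: Dict[str, Tuple[str, str]] = {
    "strcpy":   ("buffer overflow", "unbounded copy; use a length-bounded copy and check for truncation"),
    "strcat":   ("buffer overflow", "unbounded append into a fixed buffer"),
    "gets":     ("buffer overflow", "no length limit at all; use fgets"),
    "sprintf":  ("buffer overflow", "unbounded formatted write; use snprintf"),
    "printf":   ("format string", "non-constant format lets input supply %n/%x directives"),
    "fprintf":  ("format string", "non-constant format lets input supply %n/%x directives"),
    "snprintf": ("format string", "non-constant format lets input supply %n/%x directives"),
    "syslog":   ("format string", "non-constant format lets input supply %n/%x directives"),
    "access":   ("race condition", "check-then-use window between access() and the later open()"),
    "chown":    ("race condition", "path may be swapped for a symlink before the call"),
    "mktemp":   ("race condition", "predictable name; use mkstemp"),
    "system":   ("shell metacharacters", "argument is parsed by /bin/sh"),
    "popen":    ("shell metacharacters", "command is parsed by /bin/sh"),
    "random":   ("poor random numbers", "not a CSPRNG; unsuitable for keys or tokens"),
    "rand":     ("poor random numbers", "not a CSPRNG; unsuitable for keys or tokens"),
}
# Position of the format argument for the printf family; a string-literal
# format cannot be attacker-controlled, so such calls are not reported.
FORMAT_ARG: Dict[str, int] = {"printf": 0, "fprintf": 1, "snprintf": 2, "syslog": 1}

# One pass over the source. Comments and string/char literals are matched as
# whole tokens so that a function name inside them is never treated as a call.
TOKEN = re.compile(
    r'//[^\n]*|/\*.*?\*/|"(?:\\.|[^"\\])*"|\'(?:\\.|[^\'\\])*\'|[A-Za-z_]\w*', re.S)


@dataclass
class Finding:
    line: int
    func: str
    weakness: str
    note: str


def split_args(src: str, open_idx: int) -> List[str]:
    """Return the top-level arguments of the call whose '(' is at open_idx."""
    depth, start, args, i, n = 0, open_idx + 1, [], open_idx, len(src)
    while i < n:
        c = src[i]
        if c in '"\'':                       # skip over a literal, honouring escapes
            i += 1
            while i < n and src[i] != c:
                i += 2 if src[i] == "\\" else 1
        elif c == "(":
            depth += 1
        elif c == ")":
            depth -= 1
            if depth == 0:
                args.append(src[start:i].strip())
                return [a for a in args if a]
        elif c == "," and depth == 1:
            args.append(src[start:i].strip())
            start = i + 1
        i += 1
    return [a for a in args if a]            # unterminated call: best effort


def scan(src: str) -> List[Finding]:
    """Report calls to functions in RULES, with the printf-family refinement."""
    findings: List[Finding] = []
    for m in TOKEN.finditer(src):
        tok = m.group(0)
        if not (tok[0].isalpha() or tok[0] == "_"):
            continue                         # comment or literal token: ignored
        if tok not in RULES:
            continue
        j = m.end()
        while j < len(src) and src[j] in " \t":
            j += 1
        if j >= len(src) or src[j] != "(":
            continue                         # identifier used as a name, not a call
        args = split_args(src, j)
        fmt: Optional[int] = FORMAT_ARG.get(tok)
        if fmt is not None and fmt < len(args) and args[fmt].startswith('"'):
            continue                         # constant format string: not reportable
        line = src.count("\n", 0, m.start()) + 1
        findings.append(Finding(line, tok, *RULES[tok]))
    return findings


# Constructed C input for the example (not from any real project).
SAMPLE_C = """\
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* strcpy(dst, src) in a comment must not be reported */
void greet(const char *name) {
    char buf[32];
    strcpy(buf, name);                   /* unbounded copy into buf[32] */
    printf(buf);                         /* attacker-controlled format */
    printf("hello %s\\n", buf);          /* constant format: not reported */
    if (access("/tmp/out", W_OK) == 0) { /* check-then-use race */
        puts("strcpy is only text here");
    }
    system(name);                        /* shell metacharacters */
    snprintf(buf, sizeof buf, "%d", rand());
}
"""

if __name__ == "__main__":
    for f in scan(SAMPLE_C):
        print(f"line {f.line}: {f.func}() - {f.weakness}: {f.note}")
```

Run on the sample, the scanner reports lines 8, 9, 11, 14 and 15 and stays silent on the comment in line 5, the string in line 12 and the constant-format calls in lines 10 and 15. What it cannot do is exactly what separates this class from CQual, SCA or CodeSecure in the table: it does not know whether `name` ever carries untrusted data, so every `strcpy` is reported regardless of how it is used, which is why these tools trade high recall for a false-positive rate the analyst must triage by hand.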

From the "ITPUB Blog", link: http://blog.itpub.net/77544/viewspace-1030721/. If reposting, please cite the source; otherwise legal liability will be pursued.
