WebApp Sec mailing list archives
Re: Web Application Analysis Tools?
From: "Kevin Spett" <kspett () spidynamics com>
Date: Thu, 12 Dec 2002 13:47:00 -0500
RATS audits PHP, Perl, Python and C/C++. I haven't used it, so I can't attest to how valuable the results are. In any case, there's a cool image on the RATS site: http://www.securesoftware.com/ Kevin Spett SPI Labs http://www.spidynamics.com/ ----- Original Message ----- From: "David Simcik" <dave () simcik com> To: "Webappsec" <webappsec () securityfocus com> Sent: Thursday, December 12, 2002 12:50 PM Subject: Web Application Analysis Tools?
Where I work, we've (read: I) have spent a considerable amount of time focusing in on locking-down our sites/servers on the system level, from
say,
IIS down, through a variety of ways. I should point out that we're a small web development shop in academia. I'd now like to focus on our web application source now as well. Are there any analysis/auditing tools out there (especially free/inexpensive ones) that will help with this? I
suspect
there aren't any "one size fits all" type solutions out there for this,
but
I have to try. Thanks! David
Current thread:
- RE: Web Application Analysis Tools? Lars Troen (Dec 12)
- <Possible follow-ups>
- Web Application Analysis Tools? David Simcik (Dec 12)
- Re: Web Application Analysis Tools? Kevin Spett (Dec 12)
- Re: Web Application Analysis Tools? Jeff Williams @ Aspect (Dec 12)
- Re: Web Application Analysis Tools? Kevin Spett (Dec 12)
- Re: Web Application Analysis Tools? Martin Eiszner (Dec 12)
- Re: Web Application Analysis Tools? Kevin Spett (Dec 12)