WebApp Sec mailing list archives
Re: Rules on security issues for static code analizers of Java
From: Justin Clarke <justin () justinclarke com>
Date: Tue, 20 Dec 2005 19:40:11 -0500
<plug> For SQL injection rules for PMD have at look at Network Security Tools http://www.oreilly.com/catalog/networkst/ </plug> The freely downloadable examples have some SQL injection rules - these were built for one of the chapters by one of the contributing authors (Joe Hemler). Justin On Tue, 2005-12-20 at 10:13 -0600, Juan C Calderon wrote:
Hello all Could somebody provide some rules to detect Cross Site Scripting and Sql Injection attacks in source code using static analizers for Java such as Hammurapi or PMD. Also, if you can recommend a Source Code Static Analizer for C# that would help me a lot. Regards, JC __________________________________________________ Correo Yahoo! Espacio para todos tus mensajes, antivirus y antispam ¡gratis! Regístrate ya - http://correo.espanol.yahoo.com/
Current thread:
- Rules on security issues for static code analizers of Java Juan C Calderon (Dec 20)
- Re: Rules on security issues for static code analizers of Java Justin Clarke (Dec 20)
- <Possible follow-ups>
- RE: Rules on security issues for static code analizers of Java Burke, Charles (Dec 22)
- RE: Rules on security issues for static code analizers of Java Kline,Nathan C - JDI (Dec 22)