WebApp Sec mailing list archives
LAPSE: code auditing tool for Java
From: "Benjamin Livshits" <livshits () cs stanford edu>
Date: Fri, 11 Aug 2006 11:41:46 -0700
We are happy to announce the first public release of LAPSE: a source code security scanner for Java. LAPSE is an Eclipse plugin that helps automate the code review process for Java J2EE applications. LAPSE is inspired by existing lightweight security auditing tools such as RATS, pscan, and FlawFinder. Unlike those tools, however, LAPSE addresses Web applications vulnerabilities such as SQL injection, cross-site scripting, path traversal, etc. LAPSE is not intended as a comprehensive solution for Web application security, but rather as an aid in the code review process. More information about LAPSE can be found at http://suif.stanford.edu/~livshits/work/lapse/ Enjoy. -Ben http://www.stanford.edu/~livshits/ ------------------------------------------------------------------------- Sponsored by: Watchfire Watchfire was recently named the worldwide market leader in Web application security assessment tools by both Gartner and IDC. Download a free trial of AppScan today and see why more customers choose AppScan then any other solution. Try it today! https://www.watchfire.com/securearea/appscancamp.aspx?id=701500000008VnB --------------------------------------------------------------------------
Current thread:
- LAPSE: code auditing tool for Java Benjamin Livshits (Aug 11)