For Visual Studio users, Microsoft has a snap-in that analyzes your code for common vulnerabilities. To quote the download page:
CAT.NET is a binary code analysis tool that helps identify common variants of certain prevailing vulnerabilities that can give rise to common attack vectors such as Cross-Site Scripting (XSS), SQL Injection and XPath Injection.
The rules supported include:
- Cross Site Scripting
- SQL Injection
- Process Command Injection
- File Canonicalization
- Exception Information
- LDAP Injection
- Redirection to User Controlled Site
You can download the CAT.NET plug-in here.