Outils d'utilisateurs

Outils du Site


code_scanners

Différences

Cette page vous donne les différences entre la révision choisie et la version actuelle de la page.

Lien vers cette vue

code_scanners [2020/01/31 10:23]
m0n5t3r
code_scanners [2020/03/09 09:14] (Version actuelle)
m0n5t3r
Ligne 5: Ligne 5:
 ====== Code scanners ====== ====== Code scanners ======
  
 +
 +🛠ApplicationInspector -
 +Application Inspector is different from traditional static analysis tools in that it doesn't attempt to identify "good" or "bad" patterns; it simply reports what it finds against a set of over 400 rule patterns for feature detection including features that impact security such as the use of cryptography and more. This can be extremely helpful in reducing the time needed to determine what Open Source or other components do by examining the source directly rather than trusting to limited documentation or recommendations.
 +The tool supports scanning various programming languages including C, C++, C#, Java, JavaScript, HTML, Python, Objective-C, Go, Ruby, PowerShell and more and can scan projects with mixed language files.
 +https://github.com/microsoft/ApplicationInspector
  
 🛠  grep rough audit - source code auditing tool -  The following databases are included: 🛠  grep rough audit - source code auditing tool -  The following databases are included:
 actionscript, android, asp, c, dotnet, exec,  fruit,  ios,  java, js, perl, php, python, rough, ruby, secrets, spsqli, sql, strings, xss, https://github.com/wireghoul/graudit actionscript, android, asp, c, dotnet, exec,  fruit,  ios,  java, js, perl, php, python, rough, ruby, secrets, spsqli, sql, strings, xss, https://github.com/wireghoul/graudit
  
-🛠 sonarqube https://www.sonarqube.org/ 
  
 🛠 VisualCodeGrepper (VCG) - https://sourceforge.net/projects/visualcodegrepp/ 🛠 VisualCodeGrepper (VCG) - https://sourceforge.net/projects/visualcodegrepp/
code_scanners.1580462594.txt.gz · Dernière modification: 2020/01/31 10:23 par m0n5t3r