Листа на софтвер за ревизија на изворен код
Автор: Ѓоко Крстиќ
Објавено на: 25.06.2008
Уште од поодамна, работев со неколку алатки за тестирање на сигурноста на напишаниот код односно Source Code Audit, алатки кои помагаат автоматски да си ги увидите грешките од кои доколку ги промашите, може да произлезе сериозен проблем во вашите апликации и да бидат цел на разни слабости или напади или пак неочекувани исклучувања и сл.Назив на алатката - [ Јазици кои ги подржува] - Веб сајт:.TEST - [ C#, VB.NET, MC++ ] - http://www.parasoft.com/jsp/products.jsp ASTRÉE - [ C ] - http://www.astree.ens.fr Bandera - [ Java ] - http://bandera.projects.cis.ksu.edu/ BLAST - [ C ] - http://mtc.epfl.ch/software-tools/blast/ BOON - [ C ] - http://www.cs.berkeley.edu/~daw/boon/ C Code Analyzer (CCA) - [ C ] - http://www.drugphish.ch/~jonny/cca.html C++test - [ C++ ] - http://www.parasoft.com/jsp/products.jsp CCMetrics - [ C#, VB.NET ] - http://www.serviceframework.com/jwss/utility,ccmetrics,utility.aspx Checkstyle - [ Java ] - http://checkstyle.sourceforge.net/ CodeCenter - [ C ] - http://www.ics.com/products/centerline/codecenter/features.html CodeScan - [ .ASP, PHP ] - http://www.codescan.com/ CodeSecure - [ PHP, Java ] - http://www.armorize.com/corpweb/en/products/codesecure CodeSonar - [ C, C++ ] - http://www.grammatech.com/products/codesonar/overview.html CQual - [ C ] - http://www.cs.umd.edu/~jfoster/cqual Csur - [ C ] - http://www.lsv.ens-cachan.fr/csur/ Dehydra - [ C++ ] - http://wiki.mozilla.org/Dehydra_GCC DevInspect - [ C#, Visual Basic, JavaScript, VB Script] - http://www.spidynamics.com/products/devinspect/ DevPartner SecurityChecker - [ C#, Visual Basic ] - http://www.compuware.com/products/devpartner/securitychecker.htm DoubleCheck - [ C, C++ ] - http://www.ghs.com/products/doublecheck.html FindBugs - [ Java ] - http://findbugs.sourceforge.net/ FlawFinder - [ C, C++ ] - http://www.dwheeler.com/flawfinder/ Fluid - [ Java ] - http://www.fluid.cs.cmu.edu/ Frama-C - [ C ] - http://frama-c.cea.fr/ ftnchek - [ FORTRAN ] - http://www.dsm.fordham.edu/~ftnchek/ FxCop - [ .NET ] - http://code.msdn.microsoft.com/codeanalysis g95-xml - [ FORTRAN ] - http://g95-xml.sourceforge.net/ ITS4 - [ C, C++ ] - http://www.cigital.com/its4/ Jlint - [ Java ] - http://artho.com/jlint/ JsLint - [ JavaScript ] - http://www.jslint.com/ Jtest - [ Java ] - http://www.parasoft.com/jsp/products.jsp KlocWork / K7 - [ C, C++, Java ] - http://www.klocwork.com/products/k7_security.asp LAPSE - [ Java ] - http://www.owasp.org/index.php/Category:OWASP_LAPSE_Project MOPS - [ C ] - http://www.cs.berkeley.edu/~daw/mops/ MSSCASI - [ ASP ] - http://www.microsoft.com/downloads/details.aspx?FamilyId=58A7C46E-A599-4FCB-9AB4-A4334146B6BA&displaylang=en MZTools - [ VB6, VBA ] - http://www.mztools.com/index.aspx/ Oink - [ C++ ] - http://www.cubewano.org/oink Ounce - [ C, C++, Java, JSP, ASP.NET, VB.NET, C# ] - http://www.ouncelabs.com/accurate-complete-results.html Perl-Critic - [ Perl ] - http://search.cpan.org/dist/Perl-Critic/ PLSQLScanner 2008 - [ PLSQL ] - http://www.red-database-security.com/software/plsqlscanner.html PHP-Sat - [ PHP ] - http://www.program-transformation.org/PHP/PhpSat Pixy - [ PHP ] - http://pixybox.seclab.tuwien.ac.at/pixy/index.php PMD - [ Java ] - http://pmd.sourceforge.net/ PolySpace - [ Ada, C, C++ ] - http://www.polyspace.com/products.htm PREfix & PREfast - [ C, C++ ] - http://support.microsoft.com/vst Prevent - [ C, C++ ] - http://www.coverity.com/html/coverity-software-quality-products.html PyChecker - [ Python ] - http://pychecker.sourceforge.net/ pylint - [ Python ] - http://www.logilab.org/project/pylint QA-C, QA-C++, QA-J - [ C, C++, Java, FORTRAN ] - http://www.programmingresearch.com/PRODUCTS.html QualityChecker - [ Visual Basic 6 ] - http://d.cr.free.fr/ RATS - [ C, C++, Perl, PHP, Python ] - http://www.fortify.com/security-resources/rats.jsp RSM - [ C, C++, C#, Java ] - http://msquaredtechnologies.com/m2rsm/ Smatch - [ C ] - http://smatch.sourceforge.net/ SCA - [ ASP.NET, C, C++, C#, Java, JSP, PL/SQL, T-SQL, VB.NET, XML ] - http://www.fortifysoftware.com/products/sca/ Skavenger - [ PHP ] - http://code.google.com/p/skavenger/ smarty-lint - [ PHP ] - http://code.google.com/p/smarty-lint/ soot - [ Java ] - http://www.sable.mcgill.ca/soot/ Source Monitor - [ C#, VB.NET ] - http://www.campwoodsw.com/sm20.html SPARK - [ Ada ] - http://www.praxis-his.com/sparkada/spark.asp Spike PHP Security Audit Tool - [ PHP ] - http://developer.spikesource.com/projects/phpsecaudit/ Splint - [ C ] - http://www.splint.org/ SWAAT - [ PHP, ASP.NET, JSP, Java ] - http://www.owasp.org/index.php/Category:OWASP_SWAAT_Project UNO - [ C ] - http://spinroot.com/uno/"> vil - [ C#, VB.NET ] - http://www.1bot.com/ Viva64 - [ C++ ] - http://www.viva64.com/ xg++ - [ C ] - http://www.stanford.edu/~engler/mc-osdi.pdf YTKScan Java - [ Java ] - http://www.cam.org/~droujav/y2k/Y2KScan.html Source Code Auditing или Secure Coding , можат да погледнат на следниве линкови:https://www.securecoding.cert.org/confluence/display/seccode/CERT+Secure+Coding+Standards http://insanesecurity.wordpress.com/2007/10/30/source-code-audit-php/ http://www.vanheusden.com/audit.html http://mixter.void.ru/vulns.html t00t w00t Ѓоко Крстиќ Ревизија Анализа Код Програмирање Алатки Листа Кодирање Source Code Auditing Analysis
Facebook нации
Според добиените статистики од Facebook во април, 2009 скоро 143.000 жители на Македонија (околу 7% од популацијата) имале свој профил на оваа друштвена мрежа. Истиот месец, 10% од србите биле Facebook корисници, додека само 3.4% од бугарите а 13.4% од хрватите биле FB членови.
Нема настани во наредните денови.
Ѓоко Крстиќ 
