Welcome to the home of the Synapse project! Synapse is a code analysis tool inspired by other static analysis tools such as OWASP LAPSE, OWASP Orizon, and FlawFinder. The project "compiles" source code into an intermediate format called Common Abstract Syntax Tree (CAST) which is then analyzed for security problems.
It is developed almost entirely using C# (.NET 3.5 or greater) with minimal Java for the aforementioned "compilation" support. The project is currently in development form with hopes of achieving release status in the near future. A more formal project roadmap is under construction.
Eric Sheridan (eric dot sheridan at owasp dot org) is the owner, chief architect, and lead developer of the Synapse project. Aside from leading up Synapse, Eric has contributed to or provided guidance on numerous other OWASP projects including the Cross-Site Request Forgery Prevention Cheat Sheet, WebGoat, Stinger, CSRFTester, and Enterprise Security API (ESAPI).
The source code is currently hosted on Sourceforge in a single zip archive. Synapse will leverage the SVN capabilities of Sourceforge once the project layout and structure becomes more stable. The following links can be used to access the source code.
Looking for Sponsors...
This category currently contains no pages or media.