Difference between revisions of "OWASP O2 Platform/Microsoft/CAT.NET"

From OWASP
Jump to: navigation, search
(related blog posts)
Line 14: Line 14:
 
== other relevant links==
 
== other relevant links==
 
*  [https://connect.microsoft.com/site/sitehome.aspx?SiteID=734 Microsoft Information Security Tools team Connect site]
 
*  [https://connect.microsoft.com/site/sitehome.aspx?SiteID=734 Microsoft Information Security Tools team Connect site]
 +
* [http://msdn.microsoft.com/en-us/security/dd547422.aspx Microsoft IT’s Information Security (InfoSec) group]
  
 
== related blog posts ==
 
== related blog posts ==
Line 21: Line 22:
 
* [http://teamfoundationserver.wordpress.com/2009/11/25/security-tools-from-microsoft/ Security tools from Microsoft] (Tobias had some issues running the latest version)
 
* [http://teamfoundationserver.wordpress.com/2009/11/25/security-tools-from-microsoft/ Security tools from Microsoft] (Tobias had some issues running the latest version)
 
* from main CAT.NET Blog
 
* from main CAT.NET Blog
** []
+
** [http://blogs.msdn.com/securitytools/archive/2009/12/01/the-cat-net-2-0-configuration-analysis-engine.aspx The CAT.NET 2.0 Configuration Analysis Engine]
** []
+
** [http://blogs.msdn.com/securitytools/archive/2009/11/12/how-to-run-cat-net-2-0-ctp.aspx How to Run CAT.NET 2.0 CTP]
** []
+
** [http://blogs.msdn.com/securitytools/archive/2009/11/11/some-new-software-security-tools-for-web-developers-ctp-releases.aspx Some New Software Security Tools for Web Developers – (CTP Releases]
** []
+
** [http://blogs.msdn.com/securitytools/archive/2009/07/08/implementation-ideas-for-the-cat-net-2-0-tainted-variable-analysis-algorithm.aspx Implementation Ideas for the CAT.NET 2.0 Tainted Variable Analysis Algorithm]
** []
+
** [http://blogs.msdn.com/securitytools/archive/2009/06/27/new-build-of-cat-net-version-1-1-1-9-please-upgrade.aspx New Build of CAT.NET (Version - 1.1.1.9) – Please Upgrade]
 
+
** [http://blogs.msdn.com/securitytools/archive/2009/06/01/running-cat-net-as-a-custom-msbuild-task.aspx Running CAT.NET as a Custom MSBuild Task]
 
** [http://blogs.msdn.com/securitytools/archive/2009/05/20/cat-net-how-big-do-your-project-files-grow.aspx CAT.NET – How Big Do Your Project Files Grow ?]
 
** [http://blogs.msdn.com/securitytools/archive/2009/05/20/cat-net-how-big-do-your-project-files-grow.aspx CAT.NET – How Big Do Your Project Files Grow ?]
 +
* FxCop
 +
** [http://burgerminds.wordpress.com/2009/06/28/fxcop-stylecop/ FxCop & StyleCop]
 +
* VS2010
 +
** [http://rcosic.wordpress.com/2009/04/06/code-analysis-in-visual-studio-2010/ Code Analysis in Visual Studio 2010]
  
 
== videos==
 
== videos==
 
* [http://channel9.msdn.com/posts/Jossie/Assessment-and-Protection-Suite/ Assessment and Protection Suite] -''"... Anil Revuru (RV) and Mark Curphey, from Microsoft Information Security, introduce what would be in the future a suite of tools that will help you assess your code as well as protect it. This is called the Assessment & Protection (A&P) Suite and it includes the following tools: Web Protection Library (WPL) – which includes Anti-XSS, SRE, mitigation of SQL Injection, CSRF among others CAT.NET Web Application Configuration Analyzer (WACA) and room for more future add-ons ..."''
 
* [http://channel9.msdn.com/posts/Jossie/Assessment-and-Protection-Suite/ Assessment and Protection Suite] -''"... Anil Revuru (RV) and Mark Curphey, from Microsoft Information Security, introduce what would be in the future a suite of tools that will help you assess your code as well as protect it. This is called the Assessment & Protection (A&P) Suite and it includes the following tools: Web Protection Library (WPL) – which includes Anti-XSS, SRE, mitigation of SQL Injection, CSRF among others CAT.NET Web Application Configuration Analyzer (WACA) and room for more future add-ons ..."''
 
* [http://msevents.microsoft.com/cui/WebCastEventDetails.aspx?culture=en-US&EventID=1032398772&CountryCode=US MSDN Webcast: Managing Cross-Site Scripting Using CAT.NET and AntiXSS (Level 200)]
 
* [http://msevents.microsoft.com/cui/WebCastEventDetails.aspx?culture=en-US&EventID=1032398772&CountryCode=US MSDN Webcast: Managing Cross-Site Scripting Using CAT.NET and AntiXSS (Level 200)]
 
+
* WACA & WPL
 
+
** [http://channel9.msdn.com/posts/Jossie/Web-Application-Configuration-Analizer-WACA Using Web Application Configuration Analyzer (WACA) - CTP Version]
 +
** [http://channel9.msdn.com/posts/Jossie/Web-Application-Configuration-Analyzer-WACA Web Application Configuration Analyzer (WACA)]
 
{{:OWASP_O2_Platform/WIKI/bottom}}
 
{{:OWASP_O2_Platform/WIKI/bottom}}
 +
** [http://channel9.msdn.com/posts/Jossie/Enhanced-Web-Protection-Library/ Enhanced Web Protection Library]
 +
** [http://channel9.msdn.com/posts/Jossie/Using-the-Web-Protection-Library-WPL-CTP-Version/ Using the Web Protection Library (WPL) - CTP Version]

Revision as of 07:13, 4 December 2009

Contents

current O2 support

  • Dedicated O2 Module O2_Scanner_MsCatNet with support for
    • finding target dlls (recursive search on local directories)
    • triggering scans
    • converting CAT.NET Results into O2's Findings schema

description

download

other relevant links

related blog posts

videos


go back to the main OWASP O2 Platform page