Source Code Analysis Tools

Revision as of 21:22, 30 October 2006 by Wichers (talk | contribs) (Commercial Tools from OWASP Members Of This Type)

Jump to: navigation, search

Page dedicated to the analysis and comment of Source Code Audit tools:



Strengths and Weaknesses

Important Selection Criteria

  • Requirement: Must support your language, but not usually a key factor once it does.
  • Types of Vulnerabilities it can detect (Out of the OWASP Top Ten?) (plus more?)
  • Does it require a fully buildable set of source?
  • Can it run against binaries instead of source?
  • Can it be integrated into the developer's IDE?

OWASP Tools Of This Type

Open Source or Free Tools Of This Type

Commercial Tools from OWASP Members Of This Type

These vendors have decided to support OWASP by becoming members. OWASP appreciates the support from these organizations, but cannnot endorse any commercial products or services.

Other Well Known Commercial Tools Of This Type

More Info