lapse-plus - LAPSE+ is a security scanner, based on the white box analysis of code for detecting vulnerabilities in Java EE Applications

  •        7

LAPSE+ is a security scanner, based on the white box analysis of code for detecting vulnerabilities in Java EE Applications.

https://github.com/OWASP/lapse-plus

Tags
Implementation
License
Platform

   




Related Projects

essentia - C++ library for audio and music analysis, description and synthesis, including Python bindings

  •    Jupyter

Essentia is an open-source C++ library for audio analysis and audio-based music information retrieval released under the Affero GPL license. It contains an extensive collection of reusable algorithms which implement audio input/output functionality, standard digital signal processing blocks, statistical characterization of data, and a large set of spectral, temporal, tonal and high-level music descriptors. The library is also wrapped in Python and includes a number of predefined executable extractors for the available music descriptors, which facilitates its use for fast prototyping and allows setting up research experiments very rapidly. Furthermore, it includes a Vamp plugin to be used with Sonic Visualiser for visualization purposes. Essentia is designed with a focus on the robustness of the provided music descriptors and is optimized in terms of the computational cost of the algorithms. The provided functionality, specifically the music descriptors included in-the-box and signal processing algorithms, is easily expandable and allows for both research experiments and development of large-scale industrial applications. If you use example extractors (located in src/examples), or your own code employing Essentia algorithms to compute descriptors, you should be aware of possible incompatibilities when using different versions of Essentia.

EclEmma - Java Code Coverage for Eclipse

  •    Java

EclEmma is a free Java code coverage tool for Eclipse, available under the Eclipse Public License. It brings code coverage analysis directly into the Eclipse workbench. The EclEmma project is also the home of the JaCoCo code coverage library which is the technical back-end for EclEmma and also has integrations with many other build and software quality tools.

Fast code plugin - Eclipse plugin to write code faster

  •    Java

Fast code plugin is a free and open source eclipse plugin designed to help write code faster in J2ee applications. It can be useful with other applications as well. It also has very useful template mechanism feature which helps to generate print/log statements with bunch of fields, create hql, create form fields in a jsp, create struts validation etc.

Code Analysis Plugin

  •    Java

CAP (code analysis plugin) is an eclipse plugin (written in Java) that analysis your java project. It checks dependencies between the classes and packages and gives you a hint about the architecture, reusability and maintainability. (quot;JDepend 2quot;)

phpinspectionsea - A Static Code Analyzer for PHP (a PhpStorm/Idea Plugin)

  •    Java

This project is an OSS Static Code Analysis tool for PhpStorm (2016.2+) and Idea Ultimate. Some of inspections are expecting conditional statements (e.g. "if") to use group statement for wrapping body expressions. If this requirement is met then additional inspections are applied to the source code.


nonius - A C++ micro-benchmarking framework

  •    C++

Nonius is an open-source framework for benchmarking small snippets of C++ code. It is very heavily inspired by Criterion, a similar Haskell-based tool. It runs your code, measures the time it takes to run, and then performs some statistical analysis on those measurements. The library is header-only so you don’t have to build it. It comes as a single header that you can drop somewhere and #include it in your code. Grab that header from the releases page.

dawnscanner - Dawn is a static analysis security scanner for ruby written web applications

  •    Ruby

dawnscanner is a source code scanner designed to review your ruby code for security issues. dawnscanner version 1.6.6 has 235 security checks loaded in its knowledge base. Most of them are CVE bulletins applying to gems or the ruby interpreter itself. There are also some check coming from Owasp Ruby on Rails cheatsheet.

CTK - A set of common support code for medical imaging, surgical navigation, and related purposes.

  •    C++

The Common Toolkit is a community effort to provide support code for medical image analysis, surgical navigation, and related projects.

vbscan - OWASP VBScan is a Black Box vBulletin Vulnerability Scanner

  •    Perl

OWASP VBScan (short for [VB]ulletin Vulnerability [Scan]ner) is an opensource project in perl programming language to detect VBulletin CMS vulnerabilities and analysis them . If you want to do a penetration test on a vBulletin Forum, OWASP VBScan is Your best shot ever! This Project is being faster than ever and updated with the latest VBulletin vulnerabilities.

panda - Platform for Architecture-Neutral Dynamic Analysis

  •    C

PANDA is an open-source Platform for Architecture-Neutral Dynamic Analysis. It is built upon the QEMU whole system emulator, and so analyses have access to all code executing in the guest and all data. PANDA adds the ability to record and replay executions, enabling iterative, deep, whole system analyses. Further, the replay log files are compact and shareable, allowing for repeatable experiments. A nine billion instruction boot of FreeBSD, e.g., is represented by only a few hundred MB. PANDA leverages QEMU's support of thirteen different CPU architectures to make analyses of those diverse instruction sets possible within the LLVM IR. In this way, PANDA can have a single dynamic taint analysis, for example, that precisely supports many CPUs. PANDA analyses are written in a simple plugin architecture which includes a mechanism to share functionality between plugins, increasing analysis code re-use and simplifying complex analysis development. It is currently being developed in collaboration with MIT Lincoln Laboratory, NYU, and Northeastern University.

adblockpluschrome - Adblock Plus browser extension

  •    Javascript

This repository contains the platform-specific Adblock Plus source code for Chrome, Opera, Microsoft Edge and Firefox. It can be used to build Adblock Plus for these platforms, generic Adblock Plus code will be extracted from other repositories automatically (see dependencies file). Note that the Firefox extension built from this repository is the new WebExtension. The source code of the legacy Adblock Plus extension can be found here.

CloneAnalyzer

  •    Java

CloneAnalyzer is a tool for software quality analysis. It allows you to find, display and inspect clones, which are fragments of duplicated source code resulting from lack of proper reuse. It can be used as a plugin for Eclipse and on the command line.

Spoon - Library to analyze, transform, rewrite, transpile Java source code (incl Java 8)

  •    Java

Spoon is an open-source library to analyze, rewrite, transform, transpile Java source code. It parses source files to build a well-designed AST with powerful analysis and transformation API. It fully supports Java 8, Java 9 and Java 10. Spoon is an official Inria open-source project, and member of the OW2 open-source consortium.

Flow4J-Eclipse

  •    Java

Flow4J-Eclipse is a plugin for the eclipse IDE that enables the modelling of process flows in a drag and drop manner. Building a Flow4J project creates the flow\'s java source code and is then compiled by the JDT plugin. Uses the eclipse-gef framework.

PyDev for Eclipse

  •    Java

Please contribute to help keeping PyDev going: https://sw-brainwy.rhcloud.com/ PyDev is a Python Development Environment (Python IDE plugin for Eclipse). It features an editor with code completion, code analysis, refactoring, outline view, debugger, mark occurrences and other goodies - check http://pydev.org for more details)

Fast Code Eclipse Plugin

  •    Java

Fast Code Plugin is a free eclipse plugin designed to help write code faster in Java and Php applications. In Java, it has some special features for applications that uses the well known Spring Framework. It helps to generate code snippets based on fields from arbitrary pojo class or class from any package or files in folder, Generates database templates, Spring config files, Boiler plate classes, Junit test code and lote more.

barf-project - BARF : A multiplatform open source Binary Analysis and Reverse engineering Framework

  •    Python

The analysis of binary code is a crucial activity in many areas of the computer sciences and software engineering disciplines ranging from software security and program analysis to reverse engineering. Manual binary analysis is a difficult and time-consuming task and there are software tools that seek to automate or assist human analysts. However, most of these tools have several technical and commercial restrictions that limit access and use by a large portion of the academic and practitioner communities. BARF is an open source binary analysis framework that aims to support a wide range of binary code analysis tasks that are common in the information security discipline. It is a scriptable platform that supports instruction lifting from multiple architectures, binary translation to an intermediate representation, an extensible framework for code analysis plugins and interoperation with external tools such as debuggers, SMT solvers and instrumentation tools. The framework is designed primarily for human-assisted analysis but it can be fully automated. All packages were tested on Ubuntu 16.04 (x86_64).

ITK - Insight Segmentation and Registration Toolkit -- Mirror

  •    C++

The National Library of Medicine Insight Segmentation and Registration Toolkit (ITK), or Insight Toolkit, is an open-source, cross-platform C++ toolkit for segmentation and registration. Segmentation is the process of identifying and classifying data found in a digitally sampled representation. Typically the sampled representation is an image acquired from such medical instrumentation as CT or MRI scanners. Registration is the task of aligning or developing correspondences between data. For example, in the medical environment, a CT scan may be aligned with a MRI scan in order to combine the information contained in both. The toolkit may be built from source using CMake.

nana - a modern C++ GUI library

  •    C++

Nana is a C++ library designed to allow developers to easily create cross-platform GUI applications with modern C++11 style. Currently it can work on Linux(X11) and Windows. The nana repository contains the entire source of the library. You can browse the source code and submit your pull request for contributing. Jinhao, Ariel Viña Rodríguez.