This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Appendix A: Testing Tools"
From OWASP
Weilin Zhong (talk | contribs) |
(→Black Box Scanners) |
||
| Line 41: | Line 41: | ||
|} | |} | ||
| − | ==Black Box | + | ==Black Box Testing== |
===Open Source=== | ===Open Source=== | ||
| Line 47: | Line 47: | ||
{| border=1 | {| border=1 | ||
|| '''Scanner''' || '''URL''' | || '''Scanner''' || '''URL''' | ||
| + | |- | ||
| + | || WebScarab || <u>http://www.owasp.org</u> | ||
|- | |- | ||
|| SPIKE || <u>http://www.immunitysec.com</u> | || SPIKE || <u>http://www.immunitysec.com</u> | ||
| − | |||
| − | |||
|- | |- | ||
|| Paros || <u>http://www.proofsecure.com</u> | || Paros || <u>http://www.proofsecure.com</u> | ||
Revision as of 12:18, 20 October 2006
Source Code Analyzers
Open Source / Freeware
| Analyzer | URL |
| RATS | http://www.securesoftware.com |
| FlawFinder | http://www.dwheeler.com/flawfinder |
| Microsoft’s FXCop | http://www.gotdotnet.com/team/fxcop |
| Split | http://splint.org/ |
| Boon | http://www.cs.berkeley.edu/~daw/boon/ |
| Pscan | http://www.striker.ottawa.on.ca/~aland/pscan/ |
Commercial
| Analyzer | URL |
| Fortify | http://www.fortifysoftware.com |
| Ounce labs Prexis | http://www.ouncelabs.com |
| GrammaTech | http://www.grammatech.com |
| ParaSoft | http://www.parasoft.com |
| ITS4 | http://www.cigital.com/its4/ |
| CodeWizard | http://www.parasoft.com/products/wizard/ |
Black Box Testing
Open Source
| Scanner | URL |
| WebScarab | http://www.owasp.org |
| SPIKE | http://www.immunitysec.com |
| Paros | http://www.proofsecure.com |
Commercial
| Scanner | URL |
| ScanDo | http://www.kavado.com |
| WebSleuth | http://www.sandsprite.com |
| SPI Dynamics | http://www.spidynamics.com |
Other Tools
Runtime Analysis
| Analyzer | URL |
| Rational PurifyPlus | http://www-306.ibm.com/software/awdtools |
Binary Analysis
| Analyzer | URL |
| BugScam | http://sourceforge.net/projects/bugscam |
| BugScan | http://www.hbgary.com |
Requirements Management
| Manager | 'URL' |
| Rational Requisite Pro | <u>http://www-306.ibm.com/software/awdtools/reqpro</u> |
OWASP Testing Guide Table of Contents
This article is a stub. You can help OWASP by expanding it or discussing it on its Talk page.
