This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP Find Security Bugs

From OWASP
Revision as of 19:35, 20 March 2019 by H3xstream (talk | contribs) (First draft)

Jump to: navigation, search
OWASP Project Header.jpg

Description

Find Security Bugs is a SpotBugs plugin for security audits of Java web applications and Android applications. It can detect 128 different vulnerability types including Command Injection, XPath Injection, SQL/HQL Injection, XXE and Cryptography weaknesses. SpotBugs is a static analysis tool that targets Java but also works with Groovy, Scala and Kotlin projects.

Licensing

This software is released under LGPL.

Roadmap

Theses are the current priorities:

  • Release a new version every few months.
  • Improve the quality of the static analysis detectors
  • Continue working on finding new vulnerabilities ideas and implementing detectors if there is an opportunity.
  • Improving the documentation for new contributors.

Getting Involved

Involvement in the development and promotion of Find Security Bugs is actively encouraged!

You can contribute by :

  • suggesting idea for new detectors that are not already cover.
  • Coding new detectors or modifying exist ones. See Good first issue on Github to get started
  • Reviewing the descriptions of the different vulnerabilities or this page

Project Resources

Website

GitHub page

Release notes


Project Leader

Philippe Arteau

Related Projects

Classifications

Project Type Files CODE.jpg
Incubator Project Owasp-builders-small.png
Owasp-defenders-small.png
LGPL License


Project About

PROJECT INFO
What does this OWASP project offer you? 		RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: Find Security Bugs
Purpose: Static Code Analyzer for Java applications
License: LGPLv3
who is working on this project?
Project Leader(s):
how can you learn more?
Project Pamphlet: View
Project Presentation:
Mailing list: N/A
Project Roadmap: Not Yet Created
Key Contacts
current release
Not Yet Published
last reviewed release
Not Yet Reviewed


other releases

Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_Find_Security_Bugs&oldid=249066"