This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP Find Security Bugs

From OWASP
Revision as of 20:01, 20 March 2019 by H3xstream (talk | contribs)

Jump to: navigation, search
OWASP Project Header.jpg

Description

Find Security Bugs is a SpotBugs plugin for security audits of Java web applications and Android applications. It can detect 128 different vulnerability types including Command Injection, XPath Injection, SQL/HQL Injection, XXE and Cryptography weaknesses. SpotBugs is a static analysis tool that targets Java but also works with Groovy, Scala and Kotlin projects.

Licensing

This software is released under LGPL.

Roadmap

Theses are the current priorities:

  • Release a new version every few months.
  • Improve the quality of the static analysis detectors
  • Continue working on finding new vulnerabilities ideas and implementing detectors if there is an opportunity.
  • Improving the documentation for new contributors.

Getting Involved

Involvement in the development and promotion of Find Security Bugs is actively encouraged!

You can contribute by :

Project Resources

Project Leader

Philippe Arteau

Related Projects

Classifications

Project Type Files CODE.jpg
Incubator Project Owasp-builders-small.png
Owasp-defenders-small.png
LGPL License