This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP O2 Platform/Microsoft/CAT.NET"

From OWASP
Jump to: navigation, search
(description)
Line 7: Line 7:
 
== description ==
 
== description ==
 
(from [https://connect.microsoft.com/Downloads/DownloadDetails.aspx?SiteID=734&DownloadID=23328&wa=wsignin1.0 CAT.NET download] page)
 
(from [https://connect.microsoft.com/Downloads/DownloadDetails.aspx?SiteID=734&DownloadID=23328&wa=wsignin1.0 CAT.NET download] page)
"...Code Analysis Tool for .NET is a static analysis tool to detect common software security vulnerabilities. CAT.NET 2.0 has been re-written from the ground up implementing the original tainted analysis algorithm developed by Ben Livshits but using the Phoenix compiler infrastructure to provide a solid and scalable core data flow security analysis engine. CAT.NET 2.0 will initially ship around February as a Visual Studio 2010 Power Tool, only available to customers who have a licensed copy of Visual Studio 2010 and then as an integrated part of the Visual Studio product in late 2010. ..."
+
 
 +
''"...Code Analysis Tool for .NET is a static analysis tool to detect common software security vulnerabilities. CAT.NET 2.0 has been re-written from the ground up implementing the original tainted analysis algorithm developed by Ben Livshits but using the Phoenix compiler infrastructure to provide a solid and scalable core data flow security analysis engine. CAT.NET 2.0 will initially ship around February as a Visual Studio 2010 Power Tool, only available to customers who have a licensed copy of Visual Studio 2010 and then as an integrated part of the Visual Studio product in late 2010. ..."
 +
''
 +
 
 
== download==
 
== download==
 
* [https://connect.microsoft.com/Downloads/DownloadDetails.aspx?SiteID=734&DownloadID=23328 CAT.NET 2.0 CTP (current version)] (requires registration with Microsoft)
 
* [https://connect.microsoft.com/Downloads/DownloadDetails.aspx?SiteID=734&DownloadID=23328 CAT.NET 2.0 CTP (current version)] (requires registration with Microsoft)

Revision as of 12:16, 4 December 2009

current O2 support

  • Dedicated O2 Module O2_Scanner_MsCatNet with support for
    • finding target dlls (recursive search on local directories)
    • triggering scans
    • converting CAT.NET Results into O2's Findings schema

description

(from CAT.NET download page)

"...Code Analysis Tool for .NET is a static analysis tool to detect common software security vulnerabilities. CAT.NET 2.0 has been re-written from the ground up implementing the original tainted analysis algorithm developed by Ben Livshits but using the Phoenix compiler infrastructure to provide a solid and scalable core data flow security analysis engine. CAT.NET 2.0 will initially ship around February as a Visual Studio 2010 Power Tool, only available to customers who have a licensed copy of Visual Studio 2010 and then as an integrated part of the Visual Studio product in late 2010. ..."

download

other relevant links

related blog posts

videos


go back to the main OWASP O2 Platform page