下面是一个Source Code Auditing tools的一个list
Name - [ language/s supported ] - web link:  .TEST - [ C#, VB.NET, MC++ ] -
http://www.parasoft.com/jsp/products.jsp   ASTRéE ...
  下面是一个Source Code Auditing tools的一个list [转于网络]
  Name - [ language/s supported ] - web link:
  .TEST - [ C#, VB.NET, MC++ ] -
http://www.parasoft.com/jsp/products.jsp
  ASTRéE - [ C ] - http://www.astree.ens.fr
  Bandera - [ Java ] - http://bandera.projects.cis.ksu.edu/
  BLAST - [ C ] - http://mtc.epfl.ch/software-tools/blast/
  BOON - [ C ] - http://www.cs.berkeley.edu/~daw/boon/
  C Code Analyzer (CCA) - [ C ] - http://www.drugphish.ch/~jonny/cca.html
  C++test - [ C++ ] - http://www.parasoft.com/jsp/products.jsp
  CCMetrics - [ C#, VB.NET ] - http://www.serviceframework.com/jwss/utility ,ccmetrics,utility.aspx
  Checkstyle - [ Java ] -
http://checkstyle.sourceforge.net/
  CodeCenter - [ C ] - http://www.ics.com/products/centerline/codecenter/features.html
  CodeScan - [ .ASP, PHP ] - http://www.codescan.com/
  CodeSecure - [ PHP, Java ] - http://www.armorize.com/corpweb/en/products/codesecure
  CodeSonar - [ C, C++ ] - http://www.grammatech.com/products/codesonar/overview.html
  CQual - [ C ] - http://www.cs.umd.edu/~jfoster/cqual
  Csur - [ C ] - http://www.lsv.ens-cachan.fr/csur/
  Dehydra - [ C++ ] - http://wiki.mozilla.org/Dehydra_GCC
  DevInspect - [ C#, Visual Basic, JavaScript, VB Script] - http://www.spidynamics.com/products/devinspect/
  DevPartner SecurityChecker - [ C#, Visual Basic ] - http://www.compuware.com/products/devpartner/securitychecker.htm
  DoubleCheck - [ C, C++ ] - http://www.ghs.com/products/doublecheck.html
  FindBugs - [ Java ] - http://findbugs.sourceforge.net/
  FlawFinder - [ C, C++ ] - http://www.dwheeler.com/flawfinder/
  Fluid - [ Java ] - http://www.fluid.cs.cmu.edu/
  Frama-C - [ C ] - http://frama-c.cea.fr/
  ftnchek - [ FORTRAN ] - http://www.dsm.fordham.edu/~ftnchek/
  FxCop - [ .NET ] - http://code.msdn.microsoft.com/codeanalysis
  g95-xml - [ FORTRAN ] - http://g95-xml.sourceforge.net/
  ITS4 - [ C, C++ ] - http://www.cigital.com/its4/
  Jlint - [ Java ] - http://artho.com/jlint/
  JsLint - [ JavaScript ] - http://www.jslint.com/
  Jtest - [ Java ] - http://www.parasoft.com/jsp/products.jsp
  KlocWork / K7 - [ C, C++, Java ] - http://www.klocwork.com/products/k7_security.asp
  LAPSE - [ Java ] - http://www.owasp.org/index.php/Category:OWASP_LAPSE_Project
  MOPS - [ C ] - http://www.cs.berkeley.edu/~daw/mops/
  MSSCASI - [ ASP ] - http://www.microsoft.com/downloa ... &displaylang=en
  MZTools - [ VB6, VBA ] - http://www.mztools.com/index.aspx/
  Oink - [ C++ ] - http://www.cubewano.org/oink
  Ounce - [ C, C++, Java, JSP, ASP.NET, VB.NET, C# ] - http://www.ouncelabs.com/accurate-complete-results.html
  Perl-Critic - [ Perl ] - http://search.cpan.org/dist/Perl-Critic/
  PLSQLScanner 2008 - [ PLSQL ] - http://www.red-database-security.com/software/plsqlscanner.html
  PHP-Sat - [ PHP ] - http://www.program-transformation.org/PHP/PhpSat
  Pixy - [ PHP ] - http://pixybox.seclab.tuwien.ac.at/pixy/index.php
  PMD - [ Java ] - http://pmd.sourceforge.net/
  PolySpace - [ Ada, C, C++ ] - http://www.polyspace.com/products.htm
  PREfix & PREfast - [ C, C++ ] - http://support.microsoft.com/vst
  Prevent - [ C, C++ ] - http://www.coverity.com/html/cov ... ality-products.html
  PyChecker - [ Python ] - http://pychecker.sourceforge.net/
  pylint - [ Python ] - http://www.logilab.org/project/pylint
  QA-C, QA-C++, QA-J - [ C, C++, Java, FORTRAN ] - http://www.programmingresearch.com/PRODUCTS.html
  QualityChecker - [ Visual Basic 6 ] - http://d.cr.free.fr/
  RATS - [ C, C++, Perl, PHP, Python ] - http://www.fortify.com/security-resources/rats.jsp
  RSM - [ C, C++, C#, Java ] - http://msquaredtechnologies.com/m2rsm/
  Smatch - [ C ] - http://smatch.sourceforge.net/
  SCA - [ ASP.NET, C, C++, C#, Java, JSP, PL/SQL, T-SQL, VB.NET, XML ] - http://www.fortifysoftware.com/products/sca/
  Skavenger - [ PHP ] - http://code.google.com/p/skavenger/
  smarty-lint - [ PHP ] - http://code.google.com/p/smarty-lint/
  soot - [ Java ] - http://www.sable.mcgill.ca/soot/
  Source Monitor - [ C#, VB.NET ] - http://www.campwoodsw.com/sm20.html
  SPARK - [ Ada ] - http://www.praxis-his.com/sparkada/spark.asp
  Spike PHP Security Audit Tool - [ PHP ] - http://developer.spikesource.com/projects/phpsecaudit/
  Splint - [ C ] - http://www.splint.org/
  SWAAT - [ PHP, ASP.NET, JSP, Java ] - http://www.owasp.org/index.php/Category:OWASP_SWAAT_Project
  UNO - [ C ] - http://spinroot.com/uno/ ">
  vil - [ C#, VB.NET ] -
http://www.1bot.com/
  Viva64 - [ C++ ] - http://www.viva64.com/
  xg++ - [ C ] - http://www.stanford.edu/~engler/mc-osdi.pdf
  YTKScan Java - [ Java ] - http://www.cam.org/~droujav/y2k/Y2KScan.html
  支持php的有:
  CodeScan - [ .ASP, PHP ] -
http://www.codescan.com/
  CodeSecure - [ PHP, Java ] - http://www.armorize.com/corpweb/en/products/codesecure
  PHP-Sat - [ PHP ] - http://www.program-transformation.org/PHP/PhpSat
  Pixy - [ PHP ] - http://pixybox.seclab.tuwien.ac.at/pixy/index.php
  RATS - [ C, C++, Perl, PHP, Python ] - http://www.fortify.com/security-resources/rats.jsp
  Skavenger - [ PHP ] - http://code.google.com/p/skavenger/
  smarty-lint - [ PHP ] - http://code.google.com/p/smarty-lint/
  Spike PHP Security Audit Tool - [ PHP ] - http://developer.spikesource.com/projects/phpsecaudit/
  SWAAT - [ PHP, ASP.NET, JSP, Java ] - http://www.owasp.org/index.php/Category:OWASP_SWAAT_Project
  另外还有一个Fortify - http://www.fortifysoftware.com [如果还有,请帮忙补充]
  目前就php的Source Code Auditing tool基本都是静态分析的,而Source Code Auditing一直围绕着2个元素:变量和函数.也就是说这些tools不管是php开发的还是java开发的,也不管是不是基于php原代码的,他本身都对一些危险的函数和变量都对应的一个'字典'[特征字符串],这些tools都是通过查找这些字典,然后跟踪变量来分析代码.
  但是随着程序员安全意识的提高,很多的程序员也知道了这些'字典'了,都有对应的过滤,所以那些传统的问题,很找在大型程序里出现了.所以只有通过扩大我们的字典才有更多的机会去找到应用程序的漏洞.我们的途径有:
  * 分析和学习别人发现的漏洞或者exp,如大牛Stefan Esser发现的那些问题,rgod等以前发的那些exp
  * 通过学习php手册或者官方文档了解php 一些函数的'特性'
  * fuzz php的函数,找到新的有问题的函数[不一定非要溢出的]
  * 分析php源代码,发现新的漏洞函数'特性'或者漏洞
  * 有条件或者机会和开发者学习,找到他们实现某些常用功能的代码的缺陷或者容易忽视的问题
  * 你有什么要补充的吗?
安天365--打造国内专业的技术研究站点