Searching for vuln apps for testing code review tools

sla.ckers.org is
ha.ckers sla.cking

Whether this is about ha.ckers.org, sla.ckers.org or some other project you are interested in or want to talk about, throw it in here to get feedback.

Go to Topic: Previous•Next

Go to: Forum List•Message List•New Topic•Search•Log In

Searching for vuln apps for testing code review tools

Posted by: pento

Date: April 25, 2010 03:47PM

Hi, all!

Does anybody know good vuln apps/projects for (like test examples for lint) testing code review tools like rats and lint?

Options: Reply•Quote

Re: Searching for vuln apps for testing code review tools

Posted by: nEUrOO

Date: May 19, 2010 07:52AM

Well, if you wanna play with those low-level findings tools, you could look at the http://samate.nist.gov/SRD test cases...
Just be aware that those do not represent real applications, it's too much synthetic.

Otherwise, go to CVE, pick a project, not too big, with lots of vulns, and run the tools on it... you can then correlate results from tools (weaknesses) with vulns.

nEUrOO -- http://rgaucher.info -- http://twitter.com/rgaucher

Options: Reply•Quote

Re: Searching for vuln apps for testing code review tools

Posted by: Rahul00100

Date: May 24, 2010 04:25AM

Check Out : OWASP-Webgoat it is vulnerable application created by OWASP. to find vulnerabilities and exploit it.

Options: Reply•Quote

Go to: Forum List•Message List•Search•Log In

Sorry, only registered users may post in this forum.

Click here to login