Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Whether this is about ha.ckers.org, sla.ckers.org or some other project you are interested in or want to talk about, throw it in here to get feedback. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Searching for vuln apps for testing code review tools
Posted by: pento
Date: April 25, 2010 03:47PM

Hi, all!

Does anybody know good vuln apps/projects for (like test examples for lint) testing code review tools like rats and lint?

Options: ReplyQuote
Re: Searching for vuln apps for testing code review tools
Posted by: nEUrOO
Date: May 19, 2010 07:52AM

Well, if you wanna play with those low-level findings tools, you could look at the http://samate.nist.gov/SRD test cases...
Just be aware that those do not represent real applications, it's too much synthetic.

Otherwise, go to CVE, pick a project, not too big, with lots of vulns, and run the tools on it... you can then correlate results from tools (weaknesses) with vulns.

nEUrOO -- http://rgaucher.info -- http://twitter.com/rgaucher

Options: ReplyQuote
Re: Searching for vuln apps for testing code review tools
Posted by: Rahul00100
Date: May 24, 2010 04:25AM

Check Out : OWASP-Webgoat it is vulnerable application created by OWASP. to find vulnerabilities and exploit it.

Options: ReplyQuote


Sorry, only registered users may post in this forum.