On Thu, Dec 16, 2010 at 12:00:21PM -0600, Raphael Geissert wrote:
> = What is there for everyone? =
>
> At the moment there are only partial reports from two tools, but the list of
> tools to be evaluated and possibly included goes over twenty.

I would be glad if the tools included some security auditing tools such as:

+ Available as Debian packages
  - RATS: security auditing utility for C, C++, PHP, Perl, and Python code
  - Flawfinder: security flaw search tool for C/C++ source code
  - Splint: a tool for statically checking C programs for bugs
  - Jlint: Tool to check Java code for bugs, inconsistencies and
    synchronization problems

+ There are some other static security analysis tools currently not available
  in Debian, such as:
  - FindBugs: a tool for static analysis of Java code
    http://findbugs.sourceforge.net/
  - JCSC: Java source code checker - http://jcsc.sourceforge.net/
  - PMD: Tool to review Java code for bugs - http://pmd.sourceforge.net/

As Debian is getting more Java code in now it would be worth it to have some
Java tools in the toolbox too.

Just my 2 cents.

Regards

Javier