We are happy to announce the first public release of LAPSE: a source code
security scanner for Java. LAPSE is an Eclipse plugin that helps automate
the code review process for Java J2EE applications.
LAPSE is inspired by existing lightweight security auditing tools such as
RATS, pscan, and FlawFinder. Unlike those tools, however, LAPSE addresses
Web applications vulnerabilities such as SQL injection, cross-site
scripting, path traversal, etc. LAPSE is not intended as a comprehensive
solution for Web application security, but rather as an aid in the code
review process.
More information about LAPSE can be found at
http://suif.stanford.edu/~livshits/work/lapse/
Enjoy.
-Ben
http://www.stanford.edu/~livshits/
_______________________________________________
Secure Coding mailing list (SC-L)
[email protected]
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
