Brad, You can also look at The CERT Sun Microsystems Secure Coding Standard for Java at:
https://www.securecoding.cert.org/confluence/display/java/The+CERT+Sun+Microsystems+Secure+Coding+Standard+for+Java Which has many examples of secure/insecure Java source code. rCs -----Original Message----- From: sc-l-boun...@securecoding.org [mailto:sc-l-boun...@securecoding.org] On Behalf Of Brad Andrews Sent: Wednesday, May 06, 2009 1:41 PM To: sc-l@securecoding.org Subject: [SC-L] Insecure Java Code Snippets Does anyone know of a source of insecure Java snippets? I would like to get some for a monthly meeting of leading technical people. My idea was to have a "find the bug" like the old C-Lint ads. Does anyone know of a source of something like this. Brad _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________ _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________