RSS 11 projects tagged "Quality Assurance"

Download Website Updated 17 Jan 2007 Flawfinder

Screenshot
Pop 165.02
Vit 5.50

Flawfinder searches through source code looking for potential security flaws. It will provide a list of potential security flaws, sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function. Flawfinder ignores text inside comments and strings.

Download Website Updated 11 Apr 2011 ACL2

Screenshot
Pop 74.94
Vit 4.97

ACL2 is a mathematical logic, programming language, and mechanical theorem prover based on the applicative subset of Common Lisp. It is an "industrial-strength" version of the NQTHM or Boyer/Moore theorem prover, and has been used for the formal verification of commercial microprocessors, the Java Virtual Machine, interesting algorithms, and so forth.

Download Website Updated 01 Feb 2010 zzuf

Screenshot
Pop 72.83
Vit 4.35

zzuf is a transparent application input fuzzer. Its purpose is to find bugs in applications by corrupting their user-contributed data, which frequently comes from untrusted sources on the Internet. It works by intercepting file and network operations and changing random bits in the program's input. zzuf's behavior is deterministic, making it easier to reproduce bugs.

Download Website Updated 06 Feb 2003 SPIKE

Screenshot
Pop 97.47
Vit 4.23

SPIKE is an attempt to write an API that helps reverse engineer new, unknown network protocols. It features several working examples.

Download Website Updated 05 Nov 2008 ESC/Java2

Screenshot
Pop 49.60
Vit 3.41

ESC/Java2 is an Extended Static Checker for Java. It automatically, statically, and modularly detects common programming errors. It reasons about Java programs that have (optional) annotations written in JML.

Download Website Updated 10 Jul 2004 Fenris

Screenshot
Pop 92.47
Vit 1.54

Fenris is a multipurpose tracer, debugger, and code analysis tool that detects and documents high-level language constructions, can recover symbols, graph program execution flow, detect internal functions, recover symbol tables, and deal with anti-debugging protection. It features a command-line interface as well as a SoftICE-alike GUI and Web frontend.

No download Website Updated 27 Mar 2004 logGen

Screenshot
Pop 10.05
Vit 1.00

logGen is a command-line utility for detecting filesystem changes after a preference change or package installation. This is primarily useful when creating your own .pkg files so you know what you need to package. This package is only compatible with OS X 10.3 and above due to some perl modules that are missing in earlier versions. If you need to run it on OS X 10.2, you'll need to install the necessary perl modules manually.

Download Website Updated 24 Oct 2004 mangleme

Screenshot
Pop 50.04
Vit 1.00

mangleme is an automated broken HTML generator and browser tester, originally used to find dozens of security and reliability problems in all major Web browsers (Mozilla / Firefox / Netscape, Konqueror / Safari, MSIE, lynx, [e]links, w3m, elvis, etc), as reported on BUGTRAQ.

No download Website Updated 22 Nov 2004 Oink

Screenshot
Pop 34.19
Vit 1.00

Oink is a collaboration of backends for the Elsa C and C++ frontend. It aims to be industrial-strength for immediate utility in finding bugs, extensible for ease in adding backends, and composable for ease in combining existing ones. It computes expression-level and type-level data flow, and statement-level intra-procedural control flow (by delegating to Elsa). It's easy to get started by using the two demo backends that print graphs of these flows. It also comes with a client of the data flow analysis that does type qualifier inference: Cqual++, a C/C++ frontend for Cqual. Whole-program analyses may be attempted using the linker imitator.

No download Website Updated 13 Aug 2005 bddshell

Screenshot
Pop 23.94
Vit 1.00

bddshell is a command line program for analyzing software for things such as security vulnerabilities. It has a program for installing components, such as bddbddb and joeq, and a "front end" that runs the components in the right order. It currently analyzes Java class files.

Screenshot

Project Spotlight

Xidel

Downloading and extraction of data from webpages.

Screenshot

Project Spotlight

CoreTML framework

A tool allowing the developer to create user-configurable source code templates.