:
BinScope Binary Analyzer
DEP ASLR. , . , SDL, : DEP, ASLR. /NXCOMPAT /DYNAMICBASE. , Binscope SDL , SDL. , SDL /, . Binscope , ( , ).
AppVerifier
Application Verifier , native- , . , ( runtime-). AppVerif , , . , API, .
Attack Surface Analyzer Beta
Attack Surface Analyzer. Microsoft, . , - . , snapshot , : , , , ActiveX-, , ACL- .
Code Analysis for C/C++
. , Code Analysis for C/C++ Visual Studio. native- , , , , .
Microsoft Code Analysis Tool.NET (CAT.NET)
, .NET : (C#, Visual Basic.NET, J#). -. CAT.NET , Cross-Site Scripting (XSS), SQL Injection XPath Injection. Microsoft.
|
|
FxCop
. , .NET .NET Framework. , , . FxCop CIL ( , Microsoft .NET) .
Anti-Cross Site Scripting (Anti-XSS) Library
, . , Anti-XSS , XSS- -. , - WAF ( -) Security Runtime Engine (SRE). , HTTP-, - .
SiteLock ATL Template
SiteLock Active Template , . , ATL ActiveX-, . , ActiveX- ( ), . , .
banned.h
C/C++, , buffer overflow . : (xstrcpy(), strcat(), gets(), sprintf(), printf(), snprintf(), syslog()), (access(), chown(), chgrp(), chmod(), tmpfile(), tmpnam(), tempnam(), mktemp()), (exec(), system(), popen()). ( ) . , , , (, , SDL).
SDL Threat Modeling Tool
. . SDL Threat Modeling Tool , , . , . SDL Threat Modeling Tool .
SDL Process Template
Visual Studio ( ) , , , Microsoft SDL . , , SDL. .
|
|
MiniFuzz File Fuzzer
SDL, ( ) , . Minifuzz File Fuzzer , , . , .
SDL Regex Fuzzer
(Regex) , Microsoft. SDL Regex Fuzzer . . ( ) . , , (, , ), DoS-. , , .