CAT.NET

Categories: Code analysis - Standards verifiers, Security

Latest version: 1.0 CTP
Added 2008-12-15

Binary code analysis tool that helps identify common variants of certain prevailing vulnerabilities that can give rise to common attack vectors such as Cross-Site Scripting (XSS), SQL Injection and XPath Injection.

CAT.NET (Code Analysis Tool .NET) is a snap-in to the Visual Studio IDE that helps you identify security flaws within a managed code application you are developing. It does so by scanning the binary and/or assembly of the application, and tracing the data flow among its statements, methods, and assemblies. This includes indirect data types such as property assignments and instance tainting operations. The engine works by reading the target assembly and all reference assemblies used in the application - module-by-module - and then analyzing all of the methods contained within each. It finally displays the issues its finds in a list that you can use to jump directly to the places in your application's source code where those issues were found.
Supported rules :
- Cross Site Scripting
- SQL Injection
- Process Command Injection
- File Canonicalization
- Exception Information
- LDAP Injection
- XPATH Injection
- Redirection to User Controlled Site

Built for .NET

Built for .NET 2

Add-in

Free or free version available

Add to my favorites[NEW] What's this? Want to keep track of the latest versions of your favorite tools? Add tools to your favorites. This acts as a watch list. We'll email you when your favorite tools are updated. You can also visit your favorites page at any time to see what has been updated, or to remove tools from your list.

What's this? Want to keep track of the latest versions of your favorite tools? Add tools to your favorites. This acts as a watch list. We'll email you when your favorite tools are updated. You can also visit your favorites page at any time to see what has been updated, or to remove tools from your list.