[Owasp-leaders] OWASP : ASIDE Project Integration with Eclipse & User Guide [ Help Required ]
jzhu16 at uncc.edu
Mon Feb 24 20:29:35 UTC 2014
ASIDE has built in rules that checks a few "taint sources" for Java servlet API's, e.g. getParameter(). What type of vulnerable code are you looking for??
From: owasp-leaders-bounces at lists.owasp.org <owasp-leaders-bounces at lists.owasp.org> on behalf of Somen Das <somen.das at owasp.org>
Sent: Friday, February 21, 2014 11:09 AM
To: owasp-leaders; OWASP Leaders
Subject: [Owasp-leaders] OWASP : ASIDE Project Integration with Eclipse & User Guide [ Help Required ]
I'm evaluating Application Security Integrated Development Environment(ASIDE). Downloaded the plugin & added it in my eclipse workspace. But running the "Run ASIDE " is not marking the vulnerable code. Nothing happens actually. So we do not get to see the prompts that comes up as shown in the video "
http://webpages.uncc.edu/~jxie2/aside_old.swf" having list of potential fixes.
Has any one ever used it can you please list out the proper steps to get it working at least the prototype model ?
Thanks & stay secure,
BBSR Chapter Leader
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders