[Owasp-leaders] OWASP : ASIDE Project Integration with Eclipse & User Guide [ Help Required ]

Zhu, Jun jzhu16 at uncc.edu
Mon Feb 24 20:29:35 UTC 2014


Hi Somen,

ASIDE has built in rules that checks a few "taint sources" for Java servlet API's, e.g. getParameter().  What type of vulnerable code are you looking for??

Jun


________________________________
From: owasp-leaders-bounces at lists.owasp.org <owasp-leaders-bounces at lists.owasp.org> on behalf of Somen Das <somen.das at owasp.org>
Sent: Friday, February 21, 2014 11:09 AM
To: owasp-leaders; OWASP Leaders
Subject: [Owasp-leaders] OWASP : ASIDE Project Integration with Eclipse & User Guide [ Help Required ]

Hi Everyone,

I'm evaluating Application Security Integrated Development Environment(ASIDE). Downloaded the plugin & added it in my eclipse workspace. But running the "Run ASIDE " is not marking the vulnerable code. Nothing happens actually. So we do not get to see the prompts that comes up as shown in the video "
http://webpages.uncc.edu/~jxie2/aside_old.swf" having list of potential fixes.

Has any one ever used it can you please list out the proper steps to get it working at least the prototype model ?

Thanks & stay secure,
Somen
BBSR Chapter Leader
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-leaders/attachments/20140224/aae8aedb/attachment-0001.html>


More information about the OWASP-Leaders mailing list