[Owasp-o2-platform] Example of self-patching .NET code

dinis cruz dinis.cruz at owasp.org
Wed Sep 22 12:52:54 EDT 2010


Following an question from an O2 user, I just wrote the following PoC that
shows how the O2 .Net Static Analysis engine can be used to patch in real
time a vulnerable XSS function

http://www.o2platform.com/index.php/Script Example/Patching .NET Code </>

A real world application of this could be to intruduce this check at
pre-code-check-in so that only code with validation goes into production
(this would depend on how invisible one would want this to happen). Another
option could be to do this directly on Visual Studio (but that could have
usability issues)

Dinis Cruz
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-o2-platform/attachments/20100922/ae0fe783/attachment.html 


More information about the Owasp-o2-platform mailing list