Reply To: static code analysis tools

Home Forums General static code analysis tools Reply To: static code analysis tools

Profile photo of stsbabu

1. Fxcop – Free static analysis for Microsoft .NET programs that compile to CIL. Standalone and integrated in some Microsoft Visual Studio editions. From Microsoft.

2. SWAAT – SWAAT is an open source web application source code analysis tool. SWAAT searches through source code and analyzes against the database of potentially dangerous strings given in the .xml files. Thus it does NOT positively identify the existence of vulnerability – this generally requires application contextual knowledge. It identifies the usage of functions / strings / SQL that could lead to a finding. All potentially dangerous code references are included in the output report.

3. Style cop – Analyzes C# source code to enforce a set of style and consistency rules. It can be run from inside of Microsoft Visual Studio or integrated into an MS Build project. Free download.

Do NOT follow this link or you will be banned from the site!