Anti-Tampering
-
SandMark: A Tool for the Study of Software Protection Algorithms
http://www.cs.arizona.edu/sandmark/
SandMark is a tool developed at the University of Arizona for software watermarking, tamper-proofing, and code obfuscation of Java bytecode. The ultimate goal of the project is to implement and study the effectiveness of all known software protection algorithms. Currently, the tool incorporates several dynamic and static watermarking algorithms (such as those proposed by Venkatesan, Collberg, Stern, and others), a large collection of obfuscation algorithms, a code optimizer, and tools for viewing and analyzing Java bytecode.
SandMark is designed to be simple to use. A graphical user interface allows novices to easily try out watermarking and obfuscation algorithms. Algorithms can be combined, the resulting watermarked and/or obfuscated code can be examined, and attacks can be easily launched. SandMark has been designed using a plugin-style architecture which makes it easy to extend with additional algorithms.
-
Obcode library
http://echelon.pl/pubs/
Pawel Krawczyk's publications page includes the Obcode library, which is a library for performing obfuscation of data types in C programs.
Code Auditing
-
BOON: A buffer overflow checking tool
http://www.cs.berkeley.edu/~daw/boon/
This static analysis tool checks C programs for buffer overflows. It has a lower false positive rate than tools like RATS and Flawfinder, but not by much (due to the inexact analysis used; other static analysis tools do better). It points out potentially bad buffers rather than potentially bad call sites. Available under a BSD license.
-
Bunch: a software visualization tool for security problems
http://serg.mcs.drexel.edu/bunch
Bunch is a clustering tool intended to aid the software developer and maintainer in understanding, verifying and maintaining a source code base. To do this, Bunch lets the user evaluate the quality of an application's modularization, by analyzing the source code graph. Bunch relies solely on the information contained in a module dependency file, considering nodes as program units or modules, such as files or classes, and edges between the nodes as calls or relationships between those modules, such as function calls or inheritance relationships. With this graph, Bunch can find what a "good" clustering for the system is (thus helping when documentation of the code is nonexistent or outdated), and it can also use pre-defined clusters to measure or improve the quality of the system's clustering.
-
CodeWizard
http://www.parasoft.com/products/wizard
A commercial tool for source code analysis in C and C++ that allows one to customize the analyses done by the tool (e.g., security analyses).
-
CQUAL: A tool for adding type qualifiers to C
http://www.cs.berkeley.edu/~jfoster/cqual/
This tool can be used to build analyses that detect security problems if you annotate your program with type qualifiers. For example, it allows you to declare variables as follows: int main(int argc, $tainted argv) {
If we try passing a $tainted variable to a function that takes an $untainted parameter, there is a security violation that the system can detect statically. This tool has also been used to detect format string problems.
-
Flawfinder: a code auditing tool
http://www.dwheeler.com/flawfinder/
This is a tool to help source code auditors find potential trouble spots in C and C++ code. This tool is just a simple token-based pattern matching tool. Nonetheless, it looks for a wide variety of problem types, and as such is useful. Generally, RATS is a similar tool providing a superset of functionality (the databases aren't proprietary, and RATS handles several other programming languages).
-
ITS4: a code auditing tool
http://www.cigital.com/its4/
A tool for automating the grepping of source code for potential security problems. As of this writing, the tool isn't completely free software and hasn't been updated in several years. Other tools (e.g., RATS and Flawfinder) have much more comprehensive databases and feature sets.
-
MOPS - a model checker for security properties
http://www.cs.berkeley.edu/~daw/mops/
This is a code analysis tool for C programs that can check for interesting security properties using a "model checking" approach. The current tool is research-oriented and doesn't contain a significant database of knowledge, but that is expected to change eventually. If something is in its database, it does a much better analysis than tools like RATS, with far fewer false positives. Some kinds of security problems aren't well suited to analysis by this model checking approach, such as buffer overflow and integer signedness problems; other analysis tools help address those.
-
Netics
http://www.citi.umich.edu/u/marius/netics/
A cool tool for measuring entropy in network traffic. Of course, other people can snoop the same data. What this is particularly useful for is determining whether a link is really encrypted.
-
PC-Lint
http://www.gimpel.com/html/lintinfo.htm
A tool for C and C++ code auditing. It currently does not contain much security knowledge, but will detect most buffer overflow problems.
-
PScan: A tool for scanning C and C++ code for format string problems
http://www.striker.ottawa.on.ca/~aland/pscan/
Finds one type of security problem in C code (format string problems). It essentially provides a small subset of the functionality provided by tools like RATS and Flawfinder.
-
RATS code auditing tool
http://www.securesoftware.com/download_rats.htm
This is a tool to help source code auditors find potential trouble spots in C, C++, Perl, Python and PHP code. It's available under the GPL. This tool is just a simple token-based pattern matching tool that performs only a modicum of static analysis. Nonetheless, it looks for a wide variety of problem types, and currently has a much larger database than any similar tools.
-
Sharefuzz
http://www.atstake.com/research/tools/index.html#vulnerability_scanning
A tool for testing setuid programs to see if there are buffer overflows in environment variables.
-
SLAM: Microsoft's model checking technology
http://research.microsoft.com/slam/
A software model checker written by Microsoft Research that is currently primarily used for detecting reliability problems in device drivers, but can be used to detect security vulnerabilities. No software is currently available.
-
Smatch -- the source matcher
http://smatch.sourceforge.net/
A tool for checking C code (particularly Linux kernel code) for bugs. It's programmable (checks can be written in Perl or Python). The web site has a few security-related checking scripts, but they don't get too much more sophisticated than tools like RATS (though you could certainly build better checks yourself).
-
SPLINT: A lint-like tool with secure programming rules
http://splint.org/
A static analysis tool for finding bugs in C that also has facilities for finding buffer overflows.
General / Miscellaneous
-
OWASP Development Projects
http://www.owasp.org/development
The OWASP (Open Web Application Security Project) works on a number of tools in the domain of web application security. Among them:
- Commons Library - is a growing set of reusable Java code that can be baked into your own secure applications. Dealing with issues like session and transaction management, input filtering, user account maintenance and form generation, the OCL is used extensively in oPortal. Filters is now included in the OCL.
- CodeSeeker - is an application-level firewall that runs on Win32 (IIS), Solaris and Linux. It features connectors that install on the web servers and filters and blocks traffic with malicious content. As it sits on the TCP stack it can deal with high-speed traffic, which it inspects just after SSL decryption takes place. The centralized management console, written in Java, can control many agents.
- WebGoat - is an interactive teaching tool. Essentially a broken web application, WebGoat takes you through various key lessons, with each section culminating in a challenge to exploit the issue you just learnt about for yourself.
- WebScarab - is a set of various Java tools and code snippets that one day will evolve into a testing tool. Included under the WebScarab stable are Pen Proxy (originally authored by Sverre Huseby), Exodus (originally authored by Rogan Dawes) and Open Proxy (by Steve Taylor).
-
XXL - Exception Handling and Asset Management for C
http://www.zork.org/xxl/
XXL is a library for C and C++ that provides exception handling and asset management. Asset management is integrated with the exception handling mechanism such that assets may be automatically cleaned up if an exception is thrown, which allows for much simplified program structure with respect to error handling.
General Cryptography
-
MatrixSSL Open Source Embedded SSL
http://www.matrixssl.org
PeerSec MatrixSSL is a dual-licensed embedded SSL/TLS implementation designed for small footprint devices and applications requiring low overhead per connection. The library is less than 50K on disk with cipher suites. It includes SSL client and SSL server support, session resumption, and implementations of RSA, 3DES, ARC4, SHA1, and MD5. The source is well documented and contains portability layers for additional operating systems, cipher suites, and cryptography providers.
(I'm a bit biased on the rating, I'm one of the developers! Please let me know if you have any additional questions. We have a copy of your book and found it very helpful in the development of MatrixSSL. Keeping code size small in MatrixSSL goes a long way to minimizing security issues. Would love to get your feedback - jharper@peersec.com)
-
GNU TLS
http://www.gnu.org/software/gnutls/gnutls.html
Support for TLS 1.0 and SSL 3.0.
-
OpenSSL - An SSL/TLS implementation and cryptographic toolkit
http://www.openssl.org/
This library is intended for C/C++ programmers, but wrappers for other languages exist. The API is a little tough to use, but it's by far the most significant freely available SSL/TLS implementation.
Input Validation
-
ElectricFence
http://perens.com/FreeSoftware/
A malloc() debugger for Unix platforms. It's similar in nature to Purify. It will cause your program to stop on the exact instruction that overruns or underruns a malloc()'d buffer.
-
MEMWATCH
http://www.linkdata.se/sourcecode.html
A free tool for detecting memory leaks.
-
OpenBSD gcc extensions
http://www.openbsd.org/cgi-bin/man.cgi?query=gcc-local&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html
OpenBSD's gcc recognizes a new flag, -Wbounded, to perform basic checks on functions which accept buffers and sizes. An extra attribute, __bounded__, has been added to mark functions that can be checked this way. Read down on the page for a description of how __bounded__ works.
-
SafeStr - Safe String Handling for C
http://www.zork.org/safestr/
The goal of the SafeStr library is to provide a rich string-handling library for C that has safe semantics yet interoperates with legacy library code in a straightforward manner. Additionally, porting code that uses standard C string handling should be straightforward. The library should work on all modern Unix-like platforms, as well as any 32-bit Microsoft Windows OS.
The overt security goals of the library are as follows:
1. Buffer overflows should not be possible when using the API.
2. Format string problems should be impossible when using the API.
3. The API should be capable of tracking whether strings are "trusted", a la Perl's taint mode.
The API is meant to provide rich functionality and be easy to use, all the while improving security.
Public Key Cryptography
Random Numbers
Symmetric Cryptography
-
AES implementation in JavaScript
http://www.cs.ucsd.edu/~fritz/rijndael.html
Yes, it really is an AES implementation in JavaScript. Beware! Client-side JavaScript needs to be downloaded over an authenticated SSL connection before there's any hope of trusting the client code, so it's often not interesting to use such a beast.
Unix Programming
-
Privman: A privilege separation library
http://opensource.nailabs.com/privman/
Privman is a library that makes it easy for programs to use privilege separation, a technique that prevents the leak or misuse of privilege by applications that must run with some elevated permissions. Applications that use the Privman library split into two halves: the half that performs valid privileged operations, and the half that contains the application's logic. The Privman library simplifies the otherwise complex task of separating the application, protecting the system from compromise if an error in the application logic is found. The library uses configuration files to provide fine-grained access control for the privileged operations, limiting exposure even in the event of an attack against the application. When the application is compromised, the attacker gains only the privileges of an unprivileged user plus the specific privileges granted to the application by its Privman configuration file.