aspose file tools*
The moose likes IDEs, Version Control and other tools and the fly likes Binary Code Analyzer, Static Code Analyzer tools for Java? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » IDEs, Version Control and other tools
Bookmark "Binary Code Analyzer, Static Code Analyzer tools for Java?" Watch "Binary Code Analyzer, Static Code Analyzer tools for Java?" New topic
Author

Binary Code Analyzer, Static Code Analyzer tools for Java?

Pankaj Patro
Ranch Hand

Joined: Apr 20, 2005
Posts: 35


Hi,

I am looking for different Java Code Analyzer Tool (Binary Code Analysis, Static Code Analysis) for finding all kind of security issues in Java code, java lib, war, ear files,

Can smeone help me on this?

Thanks in Advance,

Pankaj


Thanks & Regards,
Pankaj Patro
Tim Cooke
Bartender

Joined: Mar 28, 2008
Posts: 1020
    
  48

I'm assuming that you have consulted Google before arriving here? What have you found so far? What have you tried out?


Tim Driven Development
Jeanne Boyarsky
internet detective
Marshal

Joined: May 26, 2003
Posts: 30546
    
150

Pankaj,
There are many commercial tools for security analysis. The open source static analysis tools (PMD, FindBugs) find some things but don't have as many security rules.


[Blog] [JavaRanch FAQ] [How To Ask Questions The Smart Way] [Book Promos]
Blogging on Certs: SCEA Part 1, Part 2 & 3, Core Spring 3, OCAJP, OCPJP beta, TOGAF part 1 and part 2
Pankaj Patro
Ranch Hand

Joined: Apr 20, 2005
Posts: 35
Tim Cooke wrote:I'm assuming that you have consulted Google before arriving here? What have you found so far? What have you tried out?



Yes Tim, i googled, but i was looking for who were having hands on with these tools and which one is best to use?
Jayesh A Lalwani
Bartender

Joined: Jan 17, 2008
Posts: 2378
    
  28

Ive seen a demo of fortify from HP, and it looks pretty good. It's not cheap, though
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Binary Code Analyzer, Static Code Analyzer tools for Java?