We have a Java based client/server project. Recently one of the testers has found a SQL injection vulnerability while testing the application. We do not have enough resources to manually check the application for SQL injections. Are there any SQL injection finders / static code analyzers that find SQL vulnerabilities in Java code?

Yes! Here are some: <ul> <li>Armorize CodeSecure</li> <li>FindBugs</li> <li>YASCA</li> <li>HP Fortify Static Code Analyzer</li> <li>Parasoft</li> <li>klockwork INSIGHT</li> <li>coverity Static Analysis</li> <li>VeraCode</li> <li>Checkmarx</li> <li>IBM Appscan</li> </ul> Read: OWASP's List of Source Analysis Tools

SQL injection finders [closed]

1 Answers

Yes!

Here are some:

Armorize CodeSecure
FindBugs
YASCA
HP Fortify Static Code Analyzer
Parasoft
klockwork INSIGHT
coverity Static Analysis
VeraCode
Checkmarx
IBM Appscan

Read: OWASP's List of Source Analysis Tools

answered Nov 04 '22 01:11

Adam

Recent Activity
Apple Pay - authorize.net returns error 153 only when live, sandbox works
How to continue cursor loop even error occured in the loop
python find all neighbours of a given node in a list of lists
Fatal error: Call to a member function setColumn() on a non-object in Magento
Count how many of each value from a field with MySQL and PHP
Python 32-bit development on 64-bit Windows [closed]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!

Donate Us With

SQL injection finders [closed]

Tags:

java

security

sql

static-analysis

WeMakeSoftware

1 Answers

Adam

Recent Activity

Donate For Us

SQL injection finders [closed]

Tags:

java

security

sql

static-analysis

WeMakeSoftware

1 Answers

Adam

Related questions

Recent Activity

Donate For Us