Yasca

Yasca is an open source program which looks for security vulnerabilities, code quality, performance, and conformance to best practices in program source code. It leverages external open source programs, such as FindBugs, PMD, JLint, JavaScript Lint, PHPLint, Cppcheck, ClamAV, Pixy, and RATS to scan specific file types, and also contains many custom scanners developed for Yasca. It is a command-line tool that generates reports in HTML, CSV, XML, MySQL, SQLite, and other formats. It is listed as an inactive project at the well-known OWASP security project, and also in a government software security tools review at the U.S. Department of Homeland Security web site.


Languages Scanned

Yasca has at least one scanner for each of the following file types:

* .NET (VB.NET, C#, ASP.NET)
* ASP
* C/C++
* COBOL
* ColdFusion
* CSS
* HTML
* Java
* JavaScript
* Perl
* PHP
* Python
* Raw HTTP Traffic
* Visual Basic


Yasca 2.2

Version 2.2 was released in June 2010 and included a large number of minor updates over version 2.1, most notably natively compiled plugins on Linux, reducing the need to use Wine. Version 2.2 contains some experimental modules, including a TCP packet logger and a rule to scan those logs for sensitive information. Additional rules for this are expected in the next update. As with prior 2.x releases, Yasca comes packaged as a core bundle, plus separately downloadable plugins. No plugins are required, but best results occur when using all of the necessary plugins.


External links

* scovetta/yasca on GitHub

Categories: Static program analysis tools, Software using the BSD license