
The AppScan Appliance – Web Portal Development and CI Integration
As detailed in my previous post, The AppScan Appliance - Design and Architecture, I noted several components that I consider crucial steps in the development of the AppScan Appliance Proof of Concept. One of the first major milestones will be the creation of a web-based portal where AppScan Source scans can be triggered and the results viewed. Ideally this portal will be the front end for a Continuous Integration environment which itself will be integrated with a Version Control System (VCS) used not only for acquiring the source code... [More]
Tags:  appscan_source hijacking ci appscan_for_analysis web_application_framework... frameworks callbacks application_injection appscan_appliance injection wafl static_analysis teamcity continuous_integration appscan_appliance_develop... |
Email Spoofing Utility – Why Does This Still Work in 2013?
Here is a pretty funny and/or really serious (depending on your frame of reference) utility that exploits a low-level SMTP vulnerability by design. In effect, this allows one to send an email FROM ANY ADDRESS, as long as the domain doesn't actually exist. That may sound like a tough restriction, but I can testify that anything from a realistic sounding new division name, theoretically something like myboss@security.us.ibm.com, has a very high potential of being opened.
Link to the Utility in a Standalone Executable (with a cool... [More]
Tags:  injection wafl appscan_for_analysis findings_viewer ounce appscan_appliance findings callbacks application_injection results sp1r0 appscan static_analysis appscan_source frameworks o2 web_application_framework... hijacking |
Extending AppScan's Web Application Framework to support ASP.NET MVC
This post will be the first in a series dedicated to providing initial support for a very common .NET framework in use today, the ASP.NET MVC – specifically version 3.0 (http://www.asp.net/mvc/mvc3). The lack of AppScan Source visibility into this framework and any applications built using it was first described in depth in this post by Dinis Cruz: ASP.NET MVC Support in SAST and IBM F4F.
Given that there currently is not WAFL support, i.e. a WAFL Generator has not yet been created to identify the various constructs that need WAFL rules... [More]
Tags:  sp1r0 wafl mvc appscan_source hijacking asp.net_mvc dynamic_analysis appscan_appliance appscan_for_analysis appscan results callbacks findings github java injection frameworks application_injection o2platform static_analysis |
The AppScan Appliance - Proof Of Concept Definition
The AppScan Appliance – Proof Of Concept Architecture and Application Security Process
Following some great feedback I received on my previous post regarding the concept of an AppScan Security Appliance, How The Mainframe Can Transform Application Security, I want to further define a potential high level architecture along with a set of processes for integration into the application development life cycle. The goal here is to start down the path towards a Proof Of Concept including a prototype in order to demonstrate what I believe will... [More]
Tags:  findings appscan_correlation appscan_for_analysis appscan_source frameworks url_mapping appscan_appliance static_analysis results sp1r0 appscan findings_viewer ounce mvc struts correlation wafl spring o2 dynamic_analysis |
Application Injection - Hooking into AppScan Standard
"Application Injection" is a term that I coined last year at DefCon for a technique first demonstrated to me there. Sitting in the front row of a rowdy, fun crowd at one of the last talks (shots, shots for the speaker!) of the conference, I watched in amazement as it was shown to me how to start an application, hook into its process, grab a reference to the main form and then inject a full scripting and compilation environment directly into the application. This of course was happening, not at the podium, but directly beside me, as... [More]
Tags:  frameworks wafl hijacking java application_injection correlation correlated_findings static_analysis callbacks appscan_blackbox appscan_whitebox injection github o2platform appscan_correlation appscan_appliance dynamic_analysis |
Downloading AppScan Evaluation Software - which is what?
In his recent post on obtaining the various installation packages for a complete installation of the AppScan product suite, AppScan Eval Downloads and What is What, Dinis makes a good point about the confusion that one can encounter when moving from earlier versions (pre-8.5) of AppScan Source and AppScan Enterprise to 8.6.x and does a pretty solid job of explaining the line in a bit more detail. To help out with his one point of confusion, regarding the Dynamic Analysis module, I gave him a bit of an insider explanation, which may be useful... [More]
Tags:  o2 static_analysis wafl struts dynamic_analysis installation downloads appscan_correlation appscan_source findings_viewer appscan findings sp1r0 appscan_for_analysis ounce appscan_appliance frameworks spring results correlation mvc |
Hijacking Windows Handles - Fun for the Whole Family
As promised in the overview of this blog, I am going to begin demonstrating / releasing some utilities that push the limits of what is normally considered possible in a Windows environment.
This should be considered both an effort to educate the general public about the pace at which security is changing (where exactly is the sandbox now??) and also to shed some light on the power of the O2 Platform, since it seems to me that right now may be one of the rare times in the 'application security arms race', where The Developers Have A... [More]
Tags:  wafl source jn14net static_analysis fortify github frameworks o2platform encoding kernel sink taint struts checkmarx hijacking callbacks handle_hijacking mvc taint_propagators spring validation windows handles java |
The AppScan Security Appliance - How The Mainframe Can Transform Application Security
** Re-posting this entry from the Message Board **
IBM Security Systems Has All The Artillery To Dominate the Security Battlefield
It just needs to be deployed properly.
Some factors that may explain the current state of the application security maturity [extremely low]:
Development organizations continue to lack the necessary security training and processes to translate 'security requirements' into a secure design with appropriate unit tests.
The intense pace of development of new technologies and migration of... [More]
Tags:  applicance appscan_for_analysis fortify static_analysis appscan_appliance java correlation findings_viewer ounce security_appliance fluentsharp fxcop appscan_source development checkmarx o2platform o2 fuzzing sp1r0 veracode github |
AppScan Source Trace Stitching
Difficult to present Findings with Disconnected Data-Flows
Any time I've found myself faced with a real-world web application, scanning and presenting the AppScan Source Edition Findings, I always arrive at the point at which I have Triaged, Analyzed, Filtered and otherwise massaged the raw results into the 'data-flow pieces', which in totality represent the true vulnerabilities that I've found. The most difficult part of this exercise is then to construct [for the results consumer] a realistic picture of what an actual round trip of... [More]
Tags:  fluentsharp fortify development static_analysis findings mvc ounce frameworks checkmarx appscan_for_analysis kernel jn14net fxcop o2platform results spring appscan_source appscan sp1r0 findings_viewer struts o2 java github fuzzing |
AppScan Source Edition Findings Viewer Utility
An Easy Way To View AppScan Source Findings from Multiple .ozasmt Files
For many years now, I have been dealing with the tens of thousands of Findings that are generated from an average size web application scanned with AppScan Source Edition. Although there have been numerous improvements to the user interface and the Findings representation to accommodate the huge amount of data that is necessarily generated, I find that my approach to static analysis (I want Millions of Findings, i.e. ALL Possible Traces) demands that multiple... [More]
Tags:  jn14net sp1r0 findings_viewer mvc github o2platform development appscan findings static_analysis java spring fortify fluentsharp checkmarx o2 results kernel fuzzing frameworks appscan_source ounce appscan_for_analysis struts fxcop |