Monits/find-sec-bugs

Plugin for FindBugs that aims to help security audit on Java web application. (Also work with Scala and Groovy projects)

Find Security Bugs

Find Security Bugs is the FindBugs plugin for security audits of Java web applications.

Website : http://h3xstream.github.io/find-sec-bugs/

Notable contributions

• David Formánek :
  • Major improvements and refactoring on the taint analysis for injections.
  • The creation of a detector for Hard coded passwords and cryptographic keys.
• Naoki Kimura :
  • Detector for injection in custom API
  • Translation of messages in Japanese
• Dave Wichers :
  • Improvement to vulnerability descriptions

Screenshots

Eclipse

IntelliJ / Android Studio

Sonar Qube

License

This software is release under LGPL.