Find Security Bugs
Find Security Bugs is the FindBugs plugin for security audits of Java web applications.
Website : http://h3xstream.github.io/find-sec-bugs/
Notable contributions
- David Formánek :
- Major improvements and refactoring on the taint analysis for injections.
- The creation of a detector for Hard coded passwords and cryptographic keys.
- Naoki Kimura :
- Detector for injection in custom API
- Translation of messages in Japanese
- Dave Wichers :
- Improvement to vulnerability descriptions
Screenshots
Eclipse
IntelliJ / Android Studio
Sonar Qube
License
This software is release under LGPL.