lapse-plus

The Security Scanner for Java EE Applications

LAPSE+ is a security scanner, based on the white box analysis of code for detecting vulnerabilities in Java EE Applications. LAPSE+ is based on the GPL software LAPSE, developed by the SUIF Compiler Group of Stanford University as a plugin for Eclipse Java IDE. The latest stable release of the plugin by Stanford, LAPSE 2.5.6, dates from 2006 and it is obsolete in terms of the number of vulnerabilities detected and its integration with new versions of Eclipse.

This project focuses on developing LAPSE+, an enhanced version of LAPSE 2.5.6. This new version of the plugin is updated to work with Eclipse Helios, providing a wider catalog of vulnerabilities and improvements in the analysis of code.

Evalues Lab - IT Security Evaluation

http://img508.imageshack.us/img508/7664/provenance.png

Project Information

The project was created on Mar 5, 2011.

  • License: GNU GPL v3
  • 20 stars
  • svn-based source control

Labels:
Java Web lapse security scanner static analysis code evalues