Fortify解决方案手册.docx
2021-04-23 16:00:13 6.9MB 安评
1
代码审计工具Fortify SCA 安装包v19
2021-04-06 19:00:20 808.11MB Fortify 代码审计 白盒测试
1
fortify规则库文件_2020版,
2021-03-29 10:39:22 9.66MB fortify 2020 规则库 代码扫描
1
该规则是fortify2020最新规则更新,可以添加到fortify中进行代码静态扫描,进行代码漏洞bug静态分析,提醒开发人员进行漏洞修复
2021-03-18 15:19:01 9.77MB fortify规则 代码审计 静态分析
1
1. fortify 2020 检测规则 2. 放入\Fortify_SCA_and_Apps_\Core\config\rules下面就可以使用
2021-03-18 12:22:19 9.66MB fortify_rules fortify 规则库 安全扫描
1
fortify规则库: 2020.1.0.0009 放入\Fortify_SCA_and_Apps_\Core\config\rules下面就可以使用
2021-03-18 09:00:32 6.73MB fortifyrules
1
HPE_Security_Fortify_SCA_and_Apps_19.10_Windows下载地址,仅供学习参考使用
2021-03-10 19:06:28 71B fortify 19.10 license
1
Fortify使用简明教程,快速入门,软件测试代码安全性的有效工具。
2021-02-24 16:21:51 978KB fortify 代码安全检查
1
Fortify的测试规则2019和2020; 找到Fortify的安装路径C:\Program Files\Fortify\Fortify_SCA_and_Apps_20.1.1\Core\config 替换rules即可
2021-02-20 16:56:20 19.36MB 渗透测试
1
fortify扫描工具的说明手册,对实际工作有指导作用,讲的比较清晰。 Fortify SCA分析原理 Front-End 3rd party IDE Java Pug-In C/C++ MicrOsoL NET IBM.eclipse Audit workbench PLSQL XML Analysis Engine Semantic fdi/ fpr Gobal Data flow N Control Flow Configuration Structural Fortify Manager NST Rules builder Custom Pre-Packaged FORTIFY Fortify SCA分析过程 SCA Engine Intermediate Scan phase fles Using Analyzers Tt transation (NST) .Rules Analysis Result File -b build id 阶段一:转换阶段( Translation) 阶段二:分析阶段(Scan o sourceanalyzer-b -clean o sourceanalyzer -b sourceanalyzer-b -Xmx1250m-scan-f results fpr FORTIFY Fortify SCA扫描的工作 Visual studio Eclipse, IBM RAD 面 Audit Workbench Java,. Net Fortify Global Build Tool C, C/C++ Analysis JSP Touchless Build Fortify PL/SQL IDE Intermediate FPR TSOL Model Cold Command Line Interface Fusion 运己 Fortify I m Manager Secure Coding Rules Fortify Customized Rules Rules FORTIFY Fortify SCA扫描的五种方式 插件方式: Plug-In(Eclipse, vs WsAd,rad) 命令行方式 Command line ●扫描目录方式: Audit workbench scan Folder 与其他工具集成: Scan with ANt, Makefile ●编译监控器方式: Fortify SCA Build Monitor FORTIFY Fortify SCA扫描的四个步骤 Fortify SCA扫描总共可以分为四个步骤: ●1. Clean:清除阶段: sourceanalyzer -b proName -clean 2. Translation:转换阶段 3.ShoW-fe:查看阶段 sourceanalyzer -b proName -show-files 4.scan:扫描阶段 sourceanalyzer-b proName -Xmx1250m -scan -f proName. fpr FORTIFY Fortify SCA命令行参数说明 查看SCA扫描命令及参数→> sourceanalyzer ca\ C:\VIRDoS\syste32\cd. exe 川 icrosoft Windows XP[版不5.1268g Kc版权所有1985-2 061 Microsoft Gorp :Documents and settings anming >sourceanalyzer --he lp Fortify Source Code Analyze4..日.回153 Copyright (c>2003-2006 Fortify Software Usage Bu⊥1d Java: sourceanalyzer -b sourceanalyzer -b javac G/C++: sourceanalyzer -b NET: sourceanalyzer -b scan〓 sourceanalyzer -b -scan -f results. fpr Output opt ions -format Controls the output format. Valid options are auto, fpr. fvdl, and text. D
2021-02-02 15:36:53 376KB fortify
1