Bin Scope Binary Analyzer:
The BinScope Binary Analyzer is a Microsoft verification tool that analyzes binaries to ensure that they have been built in compliance with Microsoft’s Security Development Lifecycle (SDL) requirements and recommendations. BinScope checks that SDL-required compiler/linker flags are being set, strong-named assemblies are in use, and up-to-date build tools are in place. BinScope also reports on dangerous constructs that are prohibited or discouraged by the SDL (e.g. read/write shared sections and global function pointers).
This below article has a small demonstration video.
http://blogs.technet.com/security/
It can be run standalone or integrated with the VS IDE.
Download:
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=90e6181c-5905-4799-826a-772eafd4440a
Mini File Fuzzer:
A testing technique that can help find denial of service and security vulnerabilities in software.
Technique:
1. Force application to malformed data.
2. If crash occurs, identify where and how.
3. File a security bug.
4. Investigate underlying code for security risk.
This below article has a small demonstration video.
http://blogs.technet.com/security/
Download
http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=b2307ca4-638f-4641-9946-dc0a5abe8513
No comments:
Post a Comment