I am aware of a tool which MS has provided which tells you about coss site scripting attack etc.
The tool is http://www.microsoft.com/downloads/details.aspx?FamilyId=0178e2ef-9da8-445e-9348-c93f24cc9f9d&displaylang=en
But are there tools which you have used for ASP .NET applications which do similar to this and which one is widely u...
We build software using Hudson and Maven. We have C#, java and last, but not least PL/SQL sources (sprocs, packages, DDL, crud)
For C# and Java we do unit tests and code analysis, but we don't really know the health of our PL/SQL sources before we actually publish them to the target database.
Requirements
There are a couple of things ...
What methodology would you use with a static code analysis tool?
When and where would you run the analysis? How frequent?
How would you integrate it to a continues build environment, on daily builds? only nightly?
...
Are there any C-language static analysers out there that create graphical diagrams of the data structures in a body of C code?
I'm thinking along the lines of the data displays in the DDD (Data Display Debugger) but that work from static analysis of the source code.
Any diagram notation welcome (UML etc.) and it can run on any platform...