Report on the evaluation of 11 open-source general-purpose SAST tools for the C programming language on the SARD Juliet Test Suite for C/C++.

Are you a developer? If so, you can relate to my question:

If I, as a software developer, use a certain static analysis tool, what can I expect of the security of my code?

In this light, a SAST tool can also be seen as a kind of “insurance” for the developer: “If I run this tool, my code is mostly secure”.

Project Motivation

There exists a variety of tools, whether commercial or open-source, which claim more or less to do a “security analysis”. Starting with a preliminary investigation on fault patterns and vulnerabilities in the Debian Linux distribution, I found that…


Here’s a short summary of different attack possibilities to be considered at each OSI Layer.

OSI Layer

The OSI model is a structured model that presents the rule sets for how each communication methodology is set up, from a physical system into the real world.

The video below is a brilliant illustration that gives a quick insight into the OSI framework. After that, let’s discuss the cyber attack threats involved at each layer.

Let me help you remember the 7 layers of the OSI model, both top-down and bottom-up.

All People Seem To Need Data Processing.

Please Do Not Throw Sausage Pizza…


Let us first understand what a buildsystem is.

In simple words, a buildsystem describes how to build the project executables and the associated libraries from the codebase using a build tool that automates the process.

For example, a buildsystem may be a Makefile for use with a command-line make tool, or a project file for an Integrated Development Environment (IDE). In order to avoid maintaining multiple such buildsystems, a project may specify its buildsystem abstractly using files written in the CMake language.

CMake simple flowchart

Build stages

An entire CMake build consists of the following stages:

  1. Configure: CMake executes the CMake code itself to create a build configuration.
  2. Generate: CMake generates a concrete…

Rohan Krishnamurthy

Security Engineer and a serious guy in a funny way
