VCG is an automated code security review tool for C++, C#, VB, PHP, Java and PL/SQL which is intended to drastically speed up the code review process by identifying bad/insecure code.
It has a few features that should make it useful. In addition to performing some more complex checks it also has a config file for each language that basically allows you to add any bad functions (or other text) that you want to search for. It attempts to find phrases within comments that can indicate broken code and it provides stats and a pie chart (for the entire codebase and for individual files) showing relative proportions of code, whitespace, comments, ‘ToDo’ style comments and bad code.
I’ve tried to produce something which searches intelligently for buffer overflows and signed/unsigned comparison in C, violations of OWASP recommendations in Java code, etc.
Current version: 2.1.0
The SourceForge Speed Test measures Latency/Ping, Jitter, Download Speed, Upload Speed, Buffer Bloat, and Packet Loss. Upon completion, you can view detailed reports about your connection. This HTML5 speed test does not require Flash or Java, and works on all devices including tablets and smartphones. Host on your own infrastructure or use ours. For licensing, inquire today.
| Website | https://github.com/nccgroup/VCG |
| Tags | SecuritySource code analysisSource code review |
| Platform | Windows |
| Features |
|