HP has released SWFScan, a free static code analysis tool for Flash. It does decompiling and static code analysis for a pretty huge list of vulnerabilities in Flash. Supports up to ActionScript 3.
Using it is easy: point it to the flash file, click on "Get" to retrieve and decompile, then click on "Analyse" to well...Analyse the source code :)
Decompiled source codes can be saved, and a HTML vulnerability report can be generated too after analysis.
FAQ
http://www.communities.hp.com/securitysoftware/blogs/spilabs/archive/2009/03/20/hp-swfscan-faq.aspx
Blog post
http://www.communities.hp.com/securitysoftware/blogs/spilabs/archive/2009/03/20/exposing-flash-application-vulnerabilities-with-swfscan.aspx
Download
2 comments:
I have downloaded software and that information given in the blog is very valuable security static code analysis. Thank you for the information.
Great Article
B.Tech Final Year Projects for CSE in JavaScript
FInal Year Project Centers in Chennai
JavaScript Training in Chennai
JavaScript Training in Chennai
Post a Comment