This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.
Script to test if a server is vulnerable to the JetLeak vulnerability
Custom Fortify SCA rules to detect common JSSE certification validation flaws
Custom security ruleset for the popular Java static analysis tool PMD.
Checklist intended to be used as a baseline for assessing, designing, and testing the security of a MAM (Application Wrapping) solution
Sample Findbugs custom detector for finding potentially insecure Scala code.
This library was co-developed with a leading financial institution in order to build a single solution for Cross-Site Request Forgery (CSRF) prevention that is flexible enough to deploy firm-wide within diverse Java/J2EE web application environments.