Skip to content

rigofunc/security-code-scan

 
 

Repository files navigation

Security Code Scan
Vulnerability Patterns Detector for C# and VB.NET - Website

Build status

Downloading

Official releases are available as nuget packages (Master and VS2017 branches) and as Visual Studio extensions (Master and VS2017 branches).
Nightly builds are available from appveyor (go to Configuration: Release -> Artifacts).

Building

git clone https://github.com/security-code-scan/security-code-scan.git
cd security-code-scan

Open SecurityCodeScan.sln in Visual Studio or build from command line:

nuget restore
msbuild

Contributing

Tests

Most of the tests are written in two languages: C# and VB.NET. If you aren't an expert in VB.NET (me neither) use any online converter to create the VB.NET counterpart from tested C# code example.
Tests are ideal for developing features and fixing bugs as it is easy to debug.

Debugging

In case you are not sure what is wrong or you see AD0001 error with an exception, it is possible to debug the analysis of problematic Visual Studio solution.

Visual Studio offloads some static analysis work to a separate process. It is a good idea to uncomment the lines to have a chance to debug the child process.

First, make sure there are no Security Code Scan Visual Studio extensions installed to avoid interference.
Right click SecurityCodeScan.Vsix project in the solution and choose Set as StartUp project.
Start debugging in Visual Studio. It will open another instance of Visual Studio with debugger attached.
Open the solution with the problematic source.

About

Vulnerability Patterns Detector for C# and VB.NET

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • C# 99.6%
  • Other 0.4%