Hi, I am trying to find the best source code analyzer for C++ code. Basically, I am trying to analyze the security issues (buffer overflow, SQL injection, etc.) of an application. Therefore, I downloaded some source code analyzer testing tools. But I don’t know which one is the best one. Therefore, before I start to analyze my project, I want to test the ability of finding the security issues on a random open source C++ project (especially programs with some network communication). I would like to ask you if you know of a webpage where I can download some open source C++ projects with an attached list of some known security bugs. I would import this open source project into my Eclipse or Microsoft Visual Studio and test the code with several code analyzers. Afterwards, I will try to understand all the warnings and errors found by the source code analyzers and compare them with those known by the author, in order to be able to find the best source code analyzing tool. Thanks a lot for your help. David
I think DP is not the right place to ask for this kind of thing. Here we are much more interested in web development. But I think that on milw0rm.com and other security-specialized websites you will find what you want.