a Find Security Bugs is the SpotBugs plugin for security audits of Java web applications.
Website : http://find-sec-bugs.github.io/
- David Formánek
- Major improvements and refactoring on the taint analysis for injections.
- The creation of a detector for hard coded passwords and cryptographic keys.
- Tomáš Polešovský
- Improvements and bug fixes related to the taint analysis.
- Maxime Nadeau
- New detectors surrounding the Play Framework and improvements related to Scala.
- Naoki Kimura
- Detector for injection in custom API
- Translation of messages in Japanese
- Dave Wichers
- Improvement to vulnerability descriptions
The development of Find Security Bugs is supported by GoSecure since 2016. The support includes the development of new detectors and the research for new vulnerability classes.
This software is release under LGPL.