« Chrome adds defence for cross-site scripting attacks, already busted | Main | Strict Transport Security (STS) draft specification is public »

Microsoft publishes BinScope and MiniFuzz

From the download pages.

"BinScope is a Microsoft verification tool that analyzes binaries on a project-wide level to ensure that they have been built in compliance with Microsoft’s Security Development Lifecycle (SDL) requirements and recommendations. BinScope checks that SDL-required compiler/linker flags are being set, strong-named assemblies are in use, up-to-date build tools are in place, and the latest good ATL headers are being used. BinScope also reports on dangerous constructs that are prohibited by SDL."

MiniFuzz is a basic testing tool designed to help detect code flaws that may expose security vulnerabilities in file-handling code. This tool creates multiple random variations of file content and feeds it to the application to exercise the code in an attempt to expose unexpected and potentially insecure application behaviors."

BinScope Download: http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=90e6181c-5905-4799-826a-772eafd4440a
BinScope Video Demo: http://edge.technet.com/Media/binscope-overview-and-demo/
MiniFuzz Video Demo: http://edge.technet.com/Media/minifuzz-overview-and-demo/
MiniFuzz Download: http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=b2307ca4-638f-4641-9946-dc0a5abe8513


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!