Friday 9 November 2012

AppScan Source Findings in Ozasmt files (and O2 tools to View, Filter, Join, Stitch and Script them)

If you are using AppScan Source (previously called OunceLabs) you will find these O2 Tools really useful:

Note that these modules are some of the oldest ones in O2 (created during really hard-core security review engagements during my OunceLabs time), and the APIs that support these modules are REALLY powerful (and allow the analysis of thousands or millions of Findings/Traces)

Most of the code that creates these tools is now on the O2.Platform.Scripts folder (see Findings_Filtering at GitHub)

Util - Simple Findings Viewer v1.0.exe 

Supports the viewing of AppScan Source 8.x, 7.x and 6x *.ozasmt files (all the way back to the OunceLabs releases)

The C# REPL script environment can be used to view, edit, manipulate, join, stitch, delete or move Findings/Traces:

Util - Filter Findings by Source and Sink (RegEx) v1.0.exe

Easy way to script custom source-to-sink mappings:

PoC - Join Traces (on Attributes) - very basic version v1.0.exe

Example of how to join/stitch Attributes, HashMaps and Getters/Setters (for example setAttributes with getAttributes)