Skip to main content

Table 1 Security assessment tools

From: Sifu - a cybersecurity awareness platform with challenge assessment and intelligent coach

Component Tools
Compiler GCC v10.1 (Stallman 2002) (OS), Clang 9.0.0 (OS) (Lattner 2018)
SAST AbsInt RuleChecker (AbsInt 2020a), SonarQube (SonarSource 2020), Pc Lint (Gimpel 2020)
  cppcheck (OS) (Marjamäki 2017), fbinfer (OS) (FaceBook 2020), semgrep (OS) (R2C 2020)
  Clang-Tidy (OS) (The Clang Team 2020), FlawFinder (OS) (Wheeler 2013), Frama-C (OS) (Baudin et al. 2020)
  Graudit (OS) (Wireghoul 2020), CMetrics (OS) (MetricsGrimoire 2020), ESBMC (OS) (ESBMC 2020; Gadelha et al. 2018)
  TScanCode (OS) (Tecent 2020), Ikos (OS) (NASA-SW-VnV 2020)
DAST AbsInt Astrée (AbsInt 2020b), Valgrind (OS) (Valgrind Developers 2010), Helgrind (OS) (Valgrind Developers 2020)
RASP Address Sanitizer (OS) (Google 2020b), Leak Sanitizer (OS) (Google 2020c),
  Thread Sanitizer (OS) (Google 2020d)
Unit Test ATF (OS) (JMMV 2020a), Kyua (OS) (JMMV 2020b), AFL (OS) (Google 2020a)