Thursday, 21 June 2012

Real-time Vulnerability Creation Feedback inside Visual Studio (with Greens and Reds)

Here is a pretty cool PoC of Real-time Vulnerability Creation Feedback inside Visual Studio, where I show how a number of security vulnerabilities (XSS, SQL Injection, Path Traversal, Unvalidated Redirects) are detected as soon as they are created.

I'm trying to find the best visual way to present this info to the user, and Greens/Reds are usually a good indication of good/bad stuff (also note how the squiggly lines show the traces, i.e. the places where there is a vulnerability).

If you want to comment on this PoC or idea, please use this Reddit thread.

Søren Reinke said...

Looks very nice, gotta try it.

Is there any way to remove the 'popup' window?
Either completely, or at least until you go to a new line.

Dinis Cruz said...

Hi, What do you mean by the 'popup' window?

We're still trying to figure out the best way to show this, so if you have any good ideas, please share them :)