Automated code review: webgoat source code using the vcg sast tool

 For this assignment, My task is to scan the WebGoat source code using the VCG SAST tool and verify the findings within the code. In particular, you will be be using VisualCodeGrepper, which is an open-source SAST tool running on Windows. It supports multiple programming languages(C++, C#, VB, PHP, Java, and PL/SQL).. Prepare a simple report based on OWASP Findings Report Guide, and submit the report in a PDF format   There should be a section summarizing all the findings by:Risk levelOWASP Top 10 ThreatsTo install VCG and run your scans, follow these instructions:Download WebGoat 8.0 from GitHub in a zip format.Extract the zip file into a directory.Download VCG from the project page.Install VCG on a Windows machine. Consider the system requirements on the project page.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *