Offensive 360 does deep source code analysis with one click. (We spent years building virtual compilers that understand the code, not only catching low hanging fruits vulnerabilities. We also claim that O360 can find security flaws that are even difficult for skilled application security testing consultants to find)
This section explains how to install and configure the Offensive 360 Visual Studio Extension Plugin and how to scan files, folder and workspace.
-
Open the Microsoft Visual Studio application, navigate to the Extensions and click on Manage Extensions.
-
Search for Offensive 360 and click on download
-
Click on
Tools menu => Options => Settingsto configure Offensive 360 settings if you are installing for first time or if you want to make any change to existing Offensive 360 settings.
-
Then expend
Offensive360node from left menu bar and click onGeneral
-
Enter Offensive 360 scan endpoint and access token information and click on ok button
-
Simply open any .Net solution in Visual studio and click on
Build => Offensive 2360 : Scanmenu to start the scaning of current .Net solution
-
You will see queued status on status bar that indicates you scan request got queued.
-
After some time message on status bar will be updated to let you know whether your scan request is still in queued state or it reached to in-progress state. if it is still in queued, you will see queue position.
-
As soon as scanning is done, you will see vulnerabilities in IDE
-
By clicking on a vulnerability, you will be redirected to respective code file, line and column.
-
Clear all Errorson right click on a vulnerability will be appeared and help you in clearing all the errors from IDE
-
Get Helpon right click on a vulnerability will be appeared and help you in getting more details about a vulnerability
Enjoy!!