Where is Microsoft Source Code Analyzer for SQL Injection?

WindowsGeek 21 Reputation points
2021-10-02T09:50:29.99+00:00

Hello,
How can I download Microsoft Source Code Analyzer for SQL Injection tool?

Thank you.

Windows for business Windows Server User experience Other
Windows for business Windows Server Devices and deployment Configure application groups
0 comments No comments
{count} votes

4 answers

Sort by: Most helpful
  1. Erland Sommarskog 121.4K Reputation points MVP Volunteer Moderator
    2021-10-02T17:32:27.94+00:00

    Refer to the below url
    Getting started with Microsoft Source Code Analyzer for SQL Injection
    https://techcommunity.microsoft.com/t5/sql-server/getting-started-with-microsoft-174-source-code-analyzer-for-sql/ba-p/383452

    That article does indeed have a download link. However when you click it, there is nothing to download.

    And maybe not that surprising, since the blog post is an announcement for a CTP and it was originally published in 2008.

    I don't know anything about this tool, but the Google hits are all quite old. Some refer to a 1.3, but they are not from microsoft.com. It could be that the tool never made RTM, and the CTP is all there was. In any case, it does not seem to be available now.

    1 person found this answer helpful.
    0 comments No comments

  2. SUNOJ KUMAR YELURU 15,256 Reputation points MVP Volunteer Moderator
    2021-10-02T15:29:47.837+00:00

    Hi @WindowsGeek

    Refer to the below url
    Getting started with Microsoft Source Code Analyzer for SQL Injection
    https://techcommunity.microsoft.com/t5/sql-server/getting-started-with-microsoft-174-source-code-analyzer-for-sql/ba-p/383452

    If the Answer is helpful, please click Accept Answer and up-vote, so that it can help others in the community looking for help on similar topics.

    0 comments No comments

  3. SUNOJ KUMAR YELURU 15,256 Reputation points MVP Volunteer Moderator
    2021-10-03T07:14:12.28+00:00

    Hi @WindowsGeek

    You can refer to the free and open source SQL injection tools.
    https://resources.infosecinstitute.com/topic/best-free-and-open-source-sql-injection-tools/

    Please let us know if you have further query on this and don’t forget to Accept the answer

    0 comments No comments

  4. Sreeju Nair 12,661 Reputation points
    2021-10-03T09:06:21.813+00:00

    You may use Code Analyzer that is available with Visual Studio.

    https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/overview

    Code quality analysis ("CAxxxx") rules inspect your C# or Visual Basic code for security, performance, design and other issues. Analysis is enabled, by default, for projects that target .NET 5.0 or later. You can enable code analysis on projects that target earlier .NET versions by setting the EnableNETAnalyzers property to true.

    See the below rule that will help you to work against SQL Injection vulnerability

    https://learn.microsoft.com/en-us/dotnet/fundamentals/code-analysis/quality-rules/ca3001

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.