Offensive 360 does deep source code analysis with one click. (We spent years building virtual compilers that understand the code, not only catching low hanging fruits vulnerabilities. We also claim that O360 can find security flaws that are even difficult for skilled application security testing consultants to find)
This section explains how to install and configure the Offensive 360 Visual Studio Extension Plugin and how to scan files, folder and workspace.
Installing the Plugin
Open the Microsoft Visual Studio application, navigate to the Extensions and click on Manage Extensions.
Search for Offensive 360 and click on download
Configuring Offensive 360 Settings
Click on Tools menu => Options => Settings to configure Offensive 360 settings if you are installing for first time or if you want to make any change to existing Offensive 360 settings.
Then expend Offensive360 node from left menu bar and click on General
Enter Offensive 360 scan endpoint and access token information and click on ok button
How it works
Simply open any .Net solution in Visual studio and click on Build => Offensive 2360 : Scan menu to start the scaning of current .Net solution
You will see queued status on status bar that indicates you scan request got queued.
After some time message on status bar will be updated to let you know whether your scan request is still in queued state or it reached to in-progress state. if it is still in queued, you will see queue position.
As soon as scanning is done, you will see vulnerabilities in IDE
By clicking on a vulnerability, you will be redirected to respective code file, line and column.
Clear all Errors on right click on a vulnerability will be appeared and help you in clearing all the errors from IDE
Get Help on right click on a vulnerability will be appeared and help you in getting more details about a vulnerability