Sources:
A collection of test cases in the C#, Java, and C/C++ languages.
This project includes all the test cases for Credentials Management Errors relating to the storage of credentials/passwords at rest (e.g. hard-coded passwords):
- CWE-256: Plaintext Storage of a Password
- CWE-260: Password in Configuration File
- CWE-257: Storing Passwords in a Recoverable Format
- CWE-259: Use of Hard-coded Password
- CWE-321: Use of Hard-coded Cryptographic Key
- CWE-798: Use of Hard-coded Credentials
Although this is the criteria for the tests selected, there are not tests available for all of the above CWE's; only CWE-256, CWE-259 and CWE-321 are available from the Julia 1.3 suite.
This project does not include the scripts to execute test cases, documents, or any additional support files. For those please download the full Juliet test suite:
This software is not subject to copyright protection and is in the public domain. NIST assumes no responsibility whatsoever for its use by other parties, and makes no guaranties, expressed or implied, about its quality, reliability, or any other characteristic.
Pursuant to 17 USC 105, Juliet Test Suite for C/C++ version 1.3 is not subject to copyright protection in the United States. To the extent NIST may claim Foreign Rights in Juliet Test Suite for C/C++ version 1.3, the Test Suite is being made available to you under the CC0 1.0 Public Domain License.