CAT.NET is a binary code analysis tool that helps identify common variants of certain prevailing vulnerabilities that can give rise to common attack vectors such as Cross-Site Scripting (XSS), SQL Injection and XPath Injection.
By default, CAT.NET v1 cannot be run in Visual Studio 2010. The following tweak can be used to enable CAT.NET v1 in Visual Studio 2010.
- In notepad, open file %APPDATA%\Microsoft\MSEnvShared\Addins\Microsoft.ACESec.CATNet.AddIn
- Add a line “<Version>10.0</Version>” below the line “<Version>9.0</Version>”
- Open Visual Studio 2010, and navigate to Tools –> CAT.NET Code Analysis