Code Review Tools

INSTRUCTIONS:

Project 2: Code Review Tools

A. This project requires you to use two different secure static analysis tools to scan a C++ file. The first tool is called FlawFinder and the second one is called VisualCodeGrepper. Before starting the project, please watch the video at https://www.youtube.com/watch?v=OVWHpyjqBkI

B. Next, if you have not done so, please download c.s.ubuntu from http://ccd.ncat.edu/YuanCSUbuntuNew.zip and unzip the file into a folder using the free "7-zip" software. You will need VMPlayer (version 12.x.x) to run the virtual machine. VMPlayer can be downloaded free online. Once you have downloaded VMPlayer, you can double-click the C.S ubuntu.vmx file under the C.S. ubuntu directory. The c.s.ubuntu password is “qwerty”.

C. FlawFinder is already installed in that virtual machine. You just need to run FlawFinder from the command line.
   a. For information on how to run FlawFinder, refer to: http://www.dwheeler.com/flawfinder/

D. Next, download VisualCodeGrepper from https://sourceforge.net/projects/visualcodegrepp/. Select the Windows version.
   a. Once downloaded, install the software on your host machine.
   b. Read the README.txt on starting the tool and scanning a file or folder of files.

E. Using the given VulnerableC++ file as input, run VisualCodeGrepper and FlawFinder to scan for security vulnerabilities.

F. Analyze and compare the results of VisualCodeGrepper and FlawFinder on the VulnerableC++ code you scanned.
   a. Compare the severity of similar vulnerabilities found by both tools.
   b. Discuss similar and different vulnerabilities reported by the tools. Discuss false positive results.

G. Modify the program according to the results of VisualCodeGrepper, then run VisualCodeGrepper again to see whether the complaints no longer exist. Modify the program according to the results of FlawFinder, then run FlawFinder again to see whether the complaints no longer exist.

H. For the modified VulnerableC++ based on VisualCodeGrepper, run it through FlawFinder and see the results. For the modified VulnerableC++ based on FlawFinder, run it through VisualCodeGrepper and see the results.
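As an added illustration of the fix-and-rescan cycle in steps G and H (constructed example code, not part of the assignment and not taken from the VulnerableC++ file, which this page does not include; all function names are assumed), a function of the kind these scanners flag, beside a bounded rewrite and an idiomatic C++ rewrite that no longer matches their function-name rules:

```cpp
#include <cstdio>
#include <cstring>
#include <string>
#include <utility>
#include <vector>

// "Before": what both scanners exist to catch. strcpy()/strcat() copy until
// the source NUL with no check against the 16-byte buffer (CWE-120), so a
// long name overruns the stack. Shown for the report only; never called here.
void greet_unsafe(const char *name) {
    char buf[16];
    strcpy(buf, "Hello, ");
    strcat(buf, name);
    puts(buf);
}

// "After", first pass: a bounded copy that always NUL-terminates and reports
// truncation instead of overrunning. FlawFinder matches by name, so it still
// lists memcpy() and strlen() at a lower risk level on re-scan.
bool greet_bounded(const char *name, char *dst, size_t dst_len) {
    static const char prefix[] = "Hello, ";
    if (dst == nullptr || dst_len == 0) return false;
    size_t room = dst_len - 1;      // reserve one byte for the terminator
    size_t written = 0;
    bool fit = true;
    auto append = [&](const char *s, size_t n) {
        size_t take = (n < room - written) ? n : room - written;
        memcpy(dst + written, s, take);
        written += take;
        if (take < n) fit = false;  // input did not fit: truncated
    };
    append(prefix, sizeof(prefix) - 1);
    append(name, strlen(name));
    dst[written] = '\0';
    return fit;
}

// Checking helper: run greet_bounded into a dst_len-byte buffer and return
// (resulting string, whether the whole greeting fit).
std::pair<std::string, bool> greet_bounded_into(const char *name, size_t dst_len) {
    std::vector<char> buf(dst_len, '\0');
    bool fit = greet_bounded(name, buf.data(), buf.size());
    return {std::string(buf.data()), fit};
}

// "After", second pass: idiomatic C++. std::string sizes itself, leaving no
// fixed buffer or str*()/mem*() call for a name-matching scanner to report.
std::string greet_safe(const std::string &name) {
    return "Hello, " + name;
}
```

Re-scanning after each pass shows the difference between a complaint that merely drops in severity (the bounded version) and one that disappears because the flagged construct is gone (the std::string version).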