I have been given the source code of a large tailor-made .NET Windows application and I'm required to scan through it and certify that it is safe and malware-free. Are there any tools out there that actually scan .NET source code to detect possible embedded/hidden malware code?

A logical strategy may be to look for code that sends sensitive data outside the application (such as by email, WCF, web services, etc.), correct? If not, what else should I look for?

Any advice would be greatly appreciated...



Anything that creates or deletes random/small files that seem to have no purpose. Process execution code. Anything that alters the registry. Come on, think about what malware does and then look for that ^^
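
As an added example (not part of either post above), the categories named in the question and the answer can be turned into a first-pass triage script that lists every source line touching network egress, process execution, the registry, or file creation/deletion, so a reviewer knows where to read first. The API names are real .NET identifiers, but the choice of which to list, the rule names and the sample source are assumptions of this example; plain text matching like this only points at code to read and does not certify anything.

```python
import re
from collections import Counter
from pathlib import Path

# Categories follow the question and answer above. The identifiers are real
# .NET types and methods; which ones to list is this example's assumption.
RULES = {
    "network-egress": r"\b(SmtpClient|MailMessage|WebClient|HttpClient|HttpWebRequest|TcpClient|ChannelFactory)\b",
    "process-exec": r"\bProcess\.Start\b|\bProcessStartInfo\b",
    "registry-write": r"\bRegistry\.(LocalMachine|CurrentUser|ClassesRoot|Users)\b|\.(CreateSubKey|DeleteSubKey|DeleteSubKeyTree)\s*\(",
    "file-create-delete": r"\bFile\.(Delete|Create|WriteAllBytes|WriteAllText)\b|\bPath\.GetTempFileName\b",
}
COMPILED = {name: re.compile(rx) for name, rx in RULES.items()}

def scan_text(text, filename="<memory>"):
    """Return (file, line number, category, source line) for every rule hit."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        findings += [(filename, lineno, cat, line.strip())
                     for cat, rx in COMPILED.items() if rx.search(line)]
    return findings

def scan_tree(root, suffixes=(".cs", ".vb")):
    """Scan every source file under root; undecodable bytes are replaced, not fatal."""
    findings = []
    for path in sorted(Path(root).rglob("*")):
        if path.is_file() and path.suffix.lower() in suffixes:
            findings += scan_text(path.read_text(encoding="utf-8", errors="replace"), str(path))
    return findings

def summarize(findings):
    """Count hits per category so the reviewer can prioritise manual reading."""
    return Counter(category for _, _, category, _ in findings)

# Constructed sample, not taken from any real application.
SAMPLE = '''class Updater {
    void Run(string report) {
        var tmp = Path.GetTempFileName();
        File.WriteAllBytes(tmp, payload);
        Process.Start(tmp);
        Registry.CurrentUser.CreateSubKey(@"Software\\Example");
        new SmtpClient("mail.example.invalid").Send(from, to, "r", report);
        File.Delete(tmp);
    }
}'''

if __name__ == "__main__":
    for f in scan_text(SAMPLE, "Updater.cs"):
        print("%s:%d [%s] %s" % f)
```

Comments are scanned on purpose, so commented-out calls show up too; expect false positives and treat each hit as a place to read the surrounding code.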