Penetration Testing mailing list archives

Re: tools to scan source code


From: Kish Pent <kish_pent () yahoo com>
Date: Sat, 16 Sep 2006 04:29:57 -0700 (PDT)

Hi Stefano :)

I completely agree with your reply. I have seen your
replies in the list "it makes sense"... This one was a
bit different, but you proved your mettle ;)

Cheers

--- Stefano Zanero <zanero () elet polimi it> wrote:

Hi Kish,

I realize I've been a bit too cryptic in my answer:

Stefano :), you must see Security Forest's page which says RATS can audit C, C++, Perl, PHP & Python source code (http://www.securityforest.com/wiki/index.php/Category:Source_Code_Scanners).

Yes, RATS _can_ audit PHP source. What I was
referring to is that web
app vulnerabilities have a different structure than
the vulnerabilities
you commonly audit C source code for.

For instance, you can detect candidates for buffer
overflow (along with
a bunch of false positives) through simple regexp
pattern matching. It's
way more difficult to detect with few false
positives candidates for SQL
injection.

The fact that RATS is able to handle PHP code is not
a synonym to the
fact that it can handle web-app vulnerabilities.

Stefano



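A small illustration of Stefano's point, added here as example code that is not part of the original thread or of RATS: a RATS-style regex finds the dangerous C calls in a constructed sample line by line, while the same approach on PHP either flags every query (naive rule) or, with a line-local taint check, still misses a query whose tainted variable was assigned on an earlier line. Both samples and all rule names are constructed for this example.

```python
import re

# Constructed C sample: two real candidates, one bounded copy.
C_SAMPLE = """\
char buf[64];
strcpy(buf, argv[1]);              /* unbounded copy: candidate */
strncpy(buf, argv[1], sizeof buf); /* bounded: not matched */
gets(line);                        /* unbounded read: candidate */
"""

# Constructed PHP sample: the last query is injectable, but the
# tainted value reaches it via a variable assigned on the line before.
PHP_SAMPLE = """\
$r = mysql_query("SELECT * FROM users WHERE id=" . $_GET['id']);          // injectable
$r = mysql_query("SELECT * FROM users WHERE id=" . intval($_GET['id']));  // sanitised
$r = mysql_query("SELECT COUNT(*) FROM users");                           // constant
$id = $_GET['id'];
$r = mysql_query("SELECT * FROM users WHERE id=$id");                     // injectable
"""

# RATS-style rule: any call to a known dangerous libc function is a candidate.
C_DANGEROUS = re.compile(r'\b(strcpy|strcat|sprintf|gets)\s*\(')

def c_candidates(src):
    """Return 1-based line numbers of dangerous C calls (pure pattern match)."""
    return [n for n, line in enumerate(src.splitlines(), 1)
            if C_DANGEROUS.search(line)]

# Naive web-app rule: every query call is a candidate (many false positives).
PHP_QUERY = re.compile(r'\bmysql_query\s*\(')
# Line-local taint rule: only flag when a request superglobal appears on the
# same line and is not wrapped in a cast/escape. Cuts false positives, but
# cannot see a variable that was tainted on an earlier line (false negative).
PHP_TAINT = re.compile(r'\$_(GET|POST|REQUEST|COOKIE)\b')
PHP_CAST = re.compile(r'\b(intval|mysql_real_escape_string)\s*\(\s*\$_')

def php_candidates(src, taint_aware=False):
    """Return 1-based line numbers of query calls considered SQLi candidates."""
    hits = []
    for n, line in enumerate(src.splitlines(), 1):
        if not PHP_QUERY.search(line):
            continue
        if taint_aware and (not PHP_TAINT.search(line) or PHP_CAST.search(line)):
            continue
        hits.append(n)
    return hits

if __name__ == "__main__":
    print("C candidates:", c_candidates(C_SAMPLE))                      # [2, 4]
    print("PHP naive:", php_candidates(PHP_SAMPLE))                     # [1, 2, 3, 5]
    print("PHP taint-aware:", php_candidates(PHP_SAMPLE, True))         # [1], misses 5
```

The C rule is exact on this sample, whereas the PHP rule must trade false positives for false negatives because the vulnerability lives in the data flow, not in the call site.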