Penetration Testing mailing list archives
RE: tools to scan source code
From: "Ric Messier" <kilroy () WasHere COM>
Date: Mon, 11 Sep 2006 09:36:38 -0600
Wahyu Wijaya H. writes:
i got involved in some web application development using php and mysql. i got responsibility to check for vulnerability that may exist. is there any tool that can help me? i mean any tool that could scan the entire source code to find any vulnerability, because auditing all source code seems overwhelming to me :-) plus that i am no fluent in php language.
PHP is fairly C-like. If you know C, it's pretty easy to read PHP. However, try RATS. http://www.securesoftware.com/download_rats.htm There is another tool (free) I've run across recently but the name is escaping me at the moment. Ric ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php ------------------------------------------------------------------------
Current thread:
- tools to scan source code Wahyu Wijaya H. (Sep 11)
- RE: tools to scan source code Ric Messier (Sep 11)
- Re: tools to scan source code Stefano Zanero (Sep 12)
- Re: tools to scan source code Kish Pent (Sep 13)
- Re: tools to scan source code Stefano Zanero (Sep 13)
- Re: tools to scan source code Ben Hall (Sep 13)
- Re: tools to scan source code Dan Catalin Vasile (Sep 13)
- RE: tools to scan source code Benjamin Livshits (Sep 13)
- Re: tools to scan source code Kish Pent (Sep 16)
- Re: tools to scan source code Stefano Zanero (Sep 12)
- Re: tools to scan source code Wahyu Wijaya H. (Sep 13)
- Re: tools to scan source code Barrie Dempster (Sep 14)
- RE: tools to scan source code Benjamin Livshits (Sep 15)
- RE: tools to scan source code Ric Messier (Sep 11)