RE: tools to scan source code

From: Ric Messier (kilroy@WasHere.COM)
Date: Mon Sep 11 2006 - 11:36:38 EDT


Wahyu Wijaya H. writes:
>
>
> I got involved in some web application development using PHP and MySQL.
> I got the responsibility to check for any vulnerabilities that may exist.
> Is there any tool that can help me? I mean any tool that could scan the
> entire source code to find any vulnerability, because auditing all the
> source code seems overwhelming to me :-) plus I am not fluent in the
> PHP language.
>

PHP is fairly C-like. If you know C, it's pretty easy to read PHP. However,
try RATS. http://www.securesoftware.com/download_rats.htm

There is another tool (free) I've run across recently but the name is
escaping me at the moment.

Ric

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:56 EDT