Re: tools to scan source code

From: Joachim Schipper (j.schipper@math.uu.nl)
Date: Mon Sep 11 2006 - 16:46:43 EDT


On Mon, Sep 11, 2006 at 04:30:56PM +0700, Wahyu Wijaya H. wrote:
> Hi all,
>
> I got involved in some web application development using PHP and
> MySQL. I got responsibility to check for vulnerabilities that may exist.
> Is there any tool that can help me? I mean any tool that could scan
> the entire source code to find any vulnerability, because auditing all
> source code seems overwhelming to me :-) plus I am not fluent in
> the PHP language.

This is not what you are looking for, but there definitely *are* tools
to check for common mistakes (SQL injection, XSS, &c). Something like
Nikto may or may not be a good starting point; it's not something I'm
too interested in, myself, but it might catch some mistakes.

                Joachim
