From: Hylton Conacher(ZR1HPC) (hylton@conacher.co.za)
Date: Tue Sep 12 2006 - 06:00:38 EDT
Wahyu Wijaya H. wrote:
> hi all,
>
> i got involved in some web application development using php and
> mysql. i got responsibility to check for vulnerability that may exist.
> is there any tool that can help me? i mean any tool that could scan
> the entire source code to find any vulnerability, because auditing all
> source code seems overwhelming to me :-) plus that i am no fluent in
> php language.
I saw something the other day about checking source code. Have a look
for SWAAT at http://www.securitycompass.com
I havent used or investigated the app but it might be what you want.
-- ======================================================================== Currently using SuSE 9.2 Professional with KDE and Mozilla 1.7.2 Linux user # 229959 at http://counter.li.org ======================================================================== ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php ------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:56 EDT