Home page logo

fulldisclosure logo Full Disclosure mailing list archives

php code reviewer(php source code auditing tool)
From: Rain Liu <yu.liu () nosec org>
Date: Fri, 18 May 2012 08:10:06 +0800

PHP is a very simple and easy-to-learn programming language – it provides
anyone with minimal programming skills an easy way to get things done. For
example, you can assign a value to a variable without even declaring that
variable. It is those types of practices and often lack of knowledge of the
weakness of PHP that makes web sites more prone to attacks. In our attempt
to help you make your PHP site and web applications more secure, we’ve
produce a useful PHP source code auditing tools.

Php Code Reviewer is a PHP audit tool that performs automatic scans of PHP
source code, aimed at the detection of web application vulnerabilities such
as XSS and Command Execute. Php Code Reviewer takes a PHP program as input,
and creates a report that lists possible vulnerable points in the program,
together with additional information for understanding the vulnerability.
Php Code Reviewer takes the source code text, and matches the source code
text against those names, while ignoring text inside comments and strings
(except for flawfinder directives).

Please click  eavaluate|buy <http://nosec.org/en/evaluate/> to download
full version.




Rain Liu

NOSEC WebSite http://www.nosec.org <http://www.nosec-inc.com>

NOTICE: This communication is intended ONLY for the use of the person or
entity named above and may contain information that is confidential or
legally privileged. If you are not the intended recipient named above or a
person responsible for delivering messages or communications to the
intended recipient, YOU ARE HEREBY NOTIFIED that any use, distribution, or
copying of this communication or any of the information contained in it is
strictly prohibited. If you have received this communication in error,
please notify us immediately by telephone and then destroy or delete this
communication, or return it to us by mail if requested by us.
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
  • php code reviewer(php source code auditing tool) Rain Liu (May 20)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]