Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: tools to scan source code
From: "Ric Messier" <kilroy () WasHere COM>
Date: Mon, 11 Sep 2006 09:36:38 -0600



Wahyu Wijaya H. writes:


i got involved in some web application development using php and mysql.
i got responsibility to check for vulnerability that may exist.
is there any tool that can help me? i mean any tool that could scan the
entire source code to find any vulnerability, because auditing all
source code seems overwhelming to me :-) plus that i am no fluent in
php language.


PHP is fairly C-like. If you know C, it's pretty easy to read PHP. However,
try RATS. http://www.securesoftware.com/download_rats.htm

There is another tool (free) I've run across recently but the name is
escaping me at the moment.

Ric



------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]