WebApp Sec: Re: Secure Coding for Newbies?

Re: Secure Coding for Newbies?

From: <security_at_pablowe.net>
Date: Mon, 28 Oct 2002 15:40:26 -0500 (EST)

RATS, a freely available code auditing tool, is available for download at
http://www.securesoftware.com/download_form_rats.htm . This audits PHP,
Perl, Python, etc... for common security vulnerabilities.

I would suggest "Building Secure Software", by Viega and McGraw.
Published by Addison Wesley, this book provides a fairly broad overview
with good examples.

>> Hi,
>>
>> I'm a beginner in PHP and Perl coding and would like a little help!
>> I've written a few small scripts for personal use, but I want to start
>> writing scripts that will be used by / open to the public, and want to
>> write them with security in the forefront.
>>
>> I'm having a hard time finding specific, concrete examples of common
>> webapp security problems and examples of how to avoid them. Many sites
>> say "validate user input" or "avoid path traversal" or "beware of
>> include files" but don't give good examples of *how* I'm supposed to do
>> these things!
>>
>> I guess I'm looking for something along the lines of "Webapp Security
>> for Dummies" as a building block. Can anybody point to useful resources
>> for this? The OWASP guide seems to be more of a guide for competent
>> coders who already know how to avoid the problems listed. :)
>>
>> Thanks!
Received on Oct 28 2002
