I did some searching today for PHP static analysis tools, and came across some interesting ones.
PHP-Front: Not yet even at v0.1 yet, but I await the release eagerly. You can download unstable releases if you want to test it out.
PHP-SAT: Made by the same people (person?) as PHP-Front, and also not yet even at v0.1 yet. You can download unstable releases if you want to test it out.
Pixy: This looks like an academic project, but at least they have something working! The analysis tool deals mainly with detecting XSS vulnerabilities.
Searching for PHP dynamic analysis tools did not turn out as fruitful.
Friday, December 15, 2006
Subscribe to:
Post Comments (Atom)
2 comments:
Since then, there is a very good static analysis tool for PHP called CodeSecure, which you can find at www.armorize.com
Thanks for giving ideas about these tools because I know it will be really useful for me, specially in the moment to get vulnerabilities.
Post a Comment