New PHP Interpreter-Based XSS and SQL Security Tester

Researchers from MIT, Stanford and Syracuse have developed a program named “Ardilla” which can analyze PHP code for Cross-Site Scripting (XSS) and SQL injection vulnerabilities. The researchers say Ardilla found 68 previously unknown vulnerabilities in five different PHP applications: 23 SQL injection and 45 XSS flaws.

“Ardilla is an automated tool that generates concrete attack vectors for Web applications written in PHP,” the researchers say. “The user of Ardilla needs to specify the type of attack (SQLI, first order XSS, or second-order XSS), the PHP program to analyze, and the initial database state.”

Read more about this here:
PHP XSS and SQL Exploit Testing

Posted by Dave on June 19, 2009 in php
