New PHP Interpreter Finds XSS, Injection Holes - Ultimate Web Site Drop Down Menu Forum

		Ultimate Web Site Drop Down Menu Forum > News and Information > General Web Trends and News
New PHP Interpreter Finds XSS, Injection Holes

View First Unread

Thread Tools

Display Modes

06-23-2009, 12:14 AM

sl4shd0t

Posts: n/a

New PHP Interpreter Finds XSS, Injection Holes

rkrishardy writes "A group of researchers from MIT, Stanford, and Syracuse has developed a new program, named 'Ardilla,' which can analyze PHP code for cross-site scripting (XSS) and SQL injection attack vulnerabilities. (Here is the paper, in PDF, and a table of results from scanning six PHP applications.) Ardilla uses a modified Zend interpreter to analyze the code, trace the data, and determine whether the threat is real or not, significantly decreasing false positives." Unfortunately, license issues prevent the tool in its current form from being released as open source.http://developers.slashdot.org/slash.../06/19/1417212
Read more of this story at Slashdot.

</img>

More...

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts vB code is On Smilies are On [IMG] code is On HTML code is Off

All times are GMT. The time now is 11:08 AM.

Home

About

Demos

Download

Purchase

Support

Contact

Forum

Blog