Spike PHP Security Audit Tool 0.23

Spike PHP Security Audit Tool project is a tool that performs a static analysis of PHP code for security exploits. Usage: To in

Developer:	SpikeSource, Inc. more software by author →
Price:	0.00
License:	Open Software License
File size:	0K
Language:
OS:
Rating:	0 /5 (0 votes)
Your vote:
enlarge screenshot

Spike PHP Security Audit Tool project is a tool that performs a static analysis of PHP code for security exploits.

Usage:

To install, unzip Spike phpSecAudit package.

> unzip spike_phpSecAudit.zip

Change directory to your php repository.

> cd /path/to/code/to/audit

Execute the run.php, passing the file name or directory to audit.

> php /path/to/spike_phpSecAudit/run.php test_file.php

or

> php /path/to/spike_phpSecAudit/run.php dir_name

What's New in This Release:

Modified to be PHP 4 friendly.

A few functions have been added to the knowledge base: extract, shell_exec, pcntl_exec, and exec.

The organization of the knowledge base file (vuln_db.xml) has been slightly improved.

The _getAllPhpFiles function may miss a few (unverified).

The tokenizer needs to be able to differentiate between a native function call and class method call of the same name, i.e. mail() and $class->mail().
tags

spike phpsecaudit run php knowledge base and class the knowledge php path unzip spike phpsecaudit run

Download Spike PHP Security Audit Tool 0.23

http://developer.spikesource.com/frs/download.php/119/spike_phpSecAudit_0.23.zip

Authors software

Spike PHP Security Audit Tool 0.23 (by SpikeSource, Inc.)
Spike PHP Security Audit Tool project is a tool that performs a static analysis of PHP code for security exploits.

Usage:

To in

Similar software

Spike PHP Security Audit Tool 0.23 (by SpikeSource, Inc.)
Spike PHP Security Audit Tool project is a tool that performs a static analysis of PHP code for security exploits.

Usage:

To in

audit daemon 1.2.9 (by Steve Grubb)
audit package contains the user-space utilities for creating audit rules

SMBD Audit 0.2 RC1 (by Anatoliy Okhotnikov)

Domain Auditor 0.31 (by Mike Seigafuse)
Domain Auditor project was written to audit and track accounts within a domain

Snare 0.9.8 (by Leigh Purdie)
SNARE (System iNtrusion Analysis and Reporting Environment) is a kernel patch, daemon, and Gnome2 GUI, that together provide a host i

SPIKE Proxy 1.4.8 (by Dave Aitel)
Spike Proxy is an open source HTTP proxy for finding security flaws in web sites.

SPIKE Proxy is part of the Spike Application Tes

MTASC 1.11 (by Nicolas Cannasse)
MTASC is the first ActionScript 2 Open Source free compiler.

MTASC project can compile large number of .as class files in a very s

Network Security Analysis Tool 1.5 (by mixter)
Network Security Analysis Tool is a fast, stable bulk security scanner designed to audit remote network services and check for versio

Basic Analysis and Security Engine 1.2 (by Kevin Johnson)
BASE is the Basic Analysis and Security Engine

glibc-audit 2.4-4 (by John Reiser)
glibc-audit is a modified version of glibc for application developers who check their code with an automatic memory access checker su

Other software in this category

TruStudio foundation 1.0.0 (by andrey platov)
TruStudio Foundation is an open source project and a foundation for development tools for scripting languages

TOra 1.2.4 (by Henrik Johnson)
TOra is a Toolkit for Oracle which aims to help the DBA or developer of database application

DBG 2.11.32 (by DD)
DBG is a a full-featured php debugger, an interactive tool that helps you debugging php scripts.

It works on a production and/or d

ltrace 0.3.36 (by Juan Cespedes)
ltrace is a debugging program which runs a specified command until it exits

ngrep 1.45 (by Jordan Ritter)
ngrep project strives to provide most of GNU grep's common features, applying them to the network layer