Spike PHP Security Audit Tool 0.23

Spike PHP Security Audit Tool project is a tool that performs a static analysis of PHP code for security exploits.

  Add it to your Download Basket!

 Add it to your Watch List!

0/5

Rate it!
send us
an update
LICENSE TYPE:
Open Software License 
USER RATING:
3.1/5 18
DEVELOPED BY:
SpikeSource, Inc.
HOMEPAGE:
developer.spikesource.com
CATEGORY:
ROOT \ Programming \ Debuggers
Spike PHP Security Audit Tool project is a tool that performs a static analysis of PHP code for security exploits.

Usage:

To install, unzip Spike phpSecAudit package.

> unzip spike_phpSecAudit.zip

Change directory to your php repository.

> cd /path/to/code/to/audit

Execute the run.php, passing the file name or directory to audit.

> php /path/to/spike_phpSecAudit/run.php test_file.php

or

> php /path/to/spike_phpSecAudit/run.php dir_name

What's New in This Release:

Modified to be PHP 4 friendly.
A few functions have been added to the knowledge base: extract, shell_exec, pcntl_exec, and exec.
The organization of the knowledge base file (vuln_db.xml) has been slightly improved.
The _getAllPhpFiles function may miss a few (unverified).
The tokenizer needs to be able to differentiate between a native function call and class method call of the same name, i.e. mail() and $class->mail().

Last updated on August 1st, 2006

#PHP security #PHP audit #PHP analyzer #Spike #PHP #Security #Audit

Add your review!

SUBMIT