Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 

   


   


   

















      :: Security-alerts
Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] FW: Pixy - An Open-Source Vulnerability Scanner for PHP Applications



 

> -----Original Message-----
> From: pixy-noreply@xxxxxxxxxxxxxxxxxxx 
> [mailto:pixy-noreply@xxxxxxxxxxxxxxxxxxx] 
> Sent: Wednesday, June 20, 2007 1:14 PM
> To: bugtraq@xxxxxxxxxxxxxxxxx
> Subject: Pixy - An Open-Source Vulnerability Scanner for PHP 
> Applications
> 
> The Secure Systems Lab at the Technical University of Vienna 
> has released the newest version of Pixy, an open-source 
> vulnerability scanner. Here are some of the highlights:
> 
> - detection of SQL injection and XSS vulnerabilities in PHP 
> source code
> 
> - automatic resolution of file inclusions
> 
> - computation of dependence graphs that help you understand 
> the causes of reported vulnerabilities
> 
> - static analysis engine (flow-sensitive, interprocedural, 
> context-sensitive)
> 
> - platform-independent (written in Java)
> 
> Pixy can be downloaded for free from 
> http://pixybox.seclab.tuwien.ac.at/. There, you can also find 
> a web interface that allows you to test Pixy online. Enjoy!
> 
> We would be happy to receive feedback, comments, and other 
> contributions! Please send your suggestions to "pixy-tool at 
> seclab" (domain see below).
> 
> Nenad Jovanovic
> Secure Systems Lab
> Technical University of Vienna
> http://www.seclab.tuwien.ac.at/
> 



 




Copyright © Lexa Software, 1996-2009.