Thread-topic: Pixy - An Open-Source Vulnerability Scanner for PHP Applications
> -----Original Message-----
> From: pixy-noreply@xxxxxxxxxxxxxxxxxxx
> [mailto:pixy-noreply@xxxxxxxxxxxxxxxxxxx]
> Sent: Wednesday, June 20, 2007 1:14 PM
> To: bugtraq@xxxxxxxxxxxxxxxxx
> Subject: Pixy - An Open-Source Vulnerability Scanner for PHP
> Applications
>
> The Secure Systems Lab at the Technical University of Vienna
> has released the newest version of Pixy, an open-source
> vulnerability scanner. Here are some of the highlights:
>
> - detection of SQL injection and XSS vulnerabilities in PHP
> source code
>
> - automatic resolution of file inclusions
>
> - computation of dependence graphs that help you understand
> the causes of reported vulnerabilities
>
> - static analysis engine (flow-sensitive, interprocedural,
> context-sensitive)
>
> - platform-independent (written in Java)
>
> Pixy can be downloaded for free from
> . There, you can also find
> a web interface that allows you to test Pixy online. Enjoy!
>
> We would be happy to receive feedback, comments, and other
> contributions! Please send your suggestions to "pixy-tool at
> seclab" (domain see below).
>
> Nenad Jovanovic
> Secure Systems Lab
> Technical University of Vienna
>
>
