Views: 5,245 [ad] YASAT (Yet Another Stupid Audit Tool) is a simple stupid audit tool. Its goal is to be as simple as possible with minimum binary dependencies (only sed, grep and cut). It do many tests for checking security configuration issue or others good practice. It checks many software configurations like: Apache PHP kernel […]
php-security
RATS – Rough Auditing Tool for Security
Views: 19,221 RATS – Rough Auditing Tool for Security – is an open source tool developed and maintained by Secure Software security engineers. Secure Software was acquired by Fortify Software, Inc. RATS is a tool for scanning C, C++, Perl, PHP and Python source code and flagging common security related programming errors such as buffer […]
PHPIDS – Security Layer & Intrusion Detection for PHP Based Web Applications
Views: 8,155 [ad] Another protection for those building website and web applications, as it’s the the most common attack vector nowadays I think it’s important to be extra safe on this front. PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application. The […]
CORE GRASP – PHP Web Application Protection Software
Views: 4,544 [ad] CORE GRASP for PHP is a web-application protection software aimed at detecting and blocking injection vulnerabilities and privacy violations. As mentioned during its presentation at Black Hat USA 2007, GRASP is being released as open source under the Apache 2.0 license. The present implementation protects PHP 5.2.3 against SQL-injection attacks for the […]
PHP Security Specialist (Stefan Esser) Resigns
Views: 6,425 [ad] This is sad news as PHP hasn’t particularly had a good security record in the past. He has voiced his frustrations with the internal workings of the PHP team and the development process, he has been working hard to make PHP inherently more secure…But from the look of things it seems like […]