News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

ThinkPHP Blog:
Leveraging Security to PHP (using sausages)
March 10, 2006 @ 07:22:30

When do PHP security and sausages come together? Only in this post from the ThinkPHP blog that takes a look at their security application being developed specifically for finding issues with web applications - Chorizo.

Let's be honest - the guys over at bugtraq, full-disclosure and others make fun of us PHP people. Chorizo ScreenshotNot only do we provide the dramatis personae - be it phpBB, the Nuke family or XMLRPC, we also deliver remote code execution, XSS or SQL injections right to the security peoples' doorstep. Why does this happen? Are we all dumbnuts? That's not the explanation - at least not all of it.

In the history of PHP, users and ISPs have always been nice and friendly like our grandma. Their continued support even in rough times ensures PHP's ongoing success, so we shouldn't let them down and ignore everything they say (like we do with our grandmas).

Enter Chorizo, an easy-to-use, speedy little proxying bit of software that looks at the data coming through and finds whatever issues it can. It looks at where "web applications get interactive" instead of just spidering the sites, and checks multiple kinds of attacks including: XSS, SQL injections, code inclusions, code executions, HTTP response splitting, and many more. It's not open to the public just yet, but you can preregister to have an active account just as soon as it goes live.

0 comments voice your opinion now!
security sausage web application vulnerabilities security sausage web application vulnerabilities


blog comments powered by Disqus

Similar Posts

PHP-Code.net: Securing PHP Apps Part III Securing PHP on the server/Securing MySQL & Apache

Bill Staples' Blog: IIS7 Patch for Windows Vista fixes CGI/PHP apps - multiple response headers

Brandon Savage's Blog: REST APIs as Data Backends

Robert Basic's Blog: Book review - Guide to Web Scraping with PHP

LoLoCoJr Blog: Rewriting a (large) PHP application in Rails, part 2


Community Events

Don't see your event here?
Let us know!


php7 application series performance conference release framework podcast interview configure laravel example library introduction api opinion voicesoftheelephpant language symfony2 community

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework