News Feed
Jobs Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Greg Beaver's Blog:
Quick review of Pixy vulnerability scanner for PEAR users
June 25, 2007 @ 07:30:27

Greg Bever has a (very) quick post about his experiences with the Pixy XSS and SQLI Scanner running against PEAR files.

I tried out the Pixy XSS and SQLI Scanner (http://pixybox.seclab.tuwien.ac.at/pixy/index.php) on a few simple PEAR files. On the first, I got a java exception, on the second it was unable to resolve the simplest of includes (no ability to resolve include_path). In short, the thing is useless for anything written using PEAR. Fun!

The Pixy XSS and SQLI Scanner is made to find SQL and XSS injection issues in scripts. It runs as a Java application and scans PHP4 source code to try to find problems. For more information on the scanner or to try it out for yourself, check out the project's homepage for documentation and downloads.

0 comments voice your opinion now!
review pixy vulnerability scanner pear xss sqlinjection review pixy vulnerability scanner pear xss sqlinjection


blog comments powered by Disqus

Similar Posts

ThinkPHP Blog: New Help Center for Chorizo!

Stefan Esser's Blog: Suhosin 0.9.20 and crypt() Thread Safety Vulnerability

Community News: Latest PEAR Releases for 01.29.2007

Community News: Latest PEAR Releases for 11.27.2006

Till Klampaeckel's Blog: A roundhouse kick, or the state of PHP


Community Events











Don't see your event here?
Let us know!


hack application package unittest introduction database component install composer opinion podcast facebook security performance hhvm symfony2 overview release language framework

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework