[Cialug] automatic php security analysis
David Champion
dchampion at visionary.com
Tue Jan 6 14:50:52 CST 2009
Matthew Nuzum wrote:
> Hi, does anyone know of a tool that will look at a php source code and
> inspect it for some common security problems? I've spent a little time
> porting some older code I wrote from PHP4 to PHP5. It was easy enough
> for most tasks but wondered if there were any helpful tools that would
> look specifically for unsafe use of global variables, however checking
> for other problems would be equally useful.
>
>
In a PHP security related note... look into suhosin, if you're not
already using it:
http://www.hardened-php.net/suhosin/
-dc
More information about the Cialug
mailing list