‘Pixy – An Open-Source Vulnerability Scanner for PHP Applications’



‘The information has been provided by Nenad Jovanovic.
To keep updated with the tool visit the project’s homepage at: http://pixybox.seclab.tuwien.ac.at/


‘The Secure Systems Lab at the Technical University of Vienna has released the newest version of Pixy, an open-source vulnerability scanner. Here are some of the highlights:
 * Detection of SQL injection and XSS vulnerabilities in PHP source code
 * Automatic resolution of file inclusions
 * Computation of dependence graphs that help you understand the causes of reported vulnerabilities
 * Static analysis engine (flow-sensitive, interprocedural, context-sensitive)
 * Platform-independent (written in Java)’

Categories: Tools