Web code audit tools that support PHP:
CodeScan - [ .ASP, PHP ] - http://www.codescan.com/
CodeSecure - [ PHP, Java ] - http://www.armorize.com/corpweb/en/products/codesecure
PHP-Sat - [ PHP ] - http://www.program-transformation.org/PHP/PhpSat
Pixy - [ PHP ] - http://pixybox.seclab.tuwien.ac.at/pixy/index.php
RATS - [ C, C++, Perl, PHP, Python ] - http://www.fortify.com/security-resources/rats.jsp
Skavenger - [ PHP ] - http://code.google.com/p/skavenger/
smarty-lint - [ PHP ] - http://code.google.com/p/smarty-lint/
Spike PHP Security Audit Tool - [ PHP ] - http://developer.spikesource.com/projects/phpsecaudit/
SWAAT - [ PHP, ASP.NET, JSP, Java ] - http://www.owasp.org/index.php/Category:OWASP_SWAAT_Project
There is also Fortify - http://www.fortifysoftware.com
