Pixy is a sourcecode scanner for PHP 4 that tries to detect two major types of webapplication vulnerabilities. Cross-sitescripting (XSS) and SQL injection are twoof the most commonly reported security problems in web applications; anyhelp in detecting and fixing them is welcome. In addition, for those whowant to try before they install, the project offers a webinterface to upload PHP code for XSS checking.
Pixy Â? New Free Open-source XSS And SQL Injection Scanner For PHP Programs
There are endless arguments about the PHP language and whether itsconstructs and practices foster secure programs, but it is clear that many,if not most, PHP projects have had security problems along the way.Removing XSS and SQL injection problems would take care of a significantfraction of the problems reported daily on BugTraq. Anyone working withPHP code, especially when using MySQL via the mysql_query() call,should seriously consider running Pixy while giving a careful look atanything suspicious that it reports.
Tools that use sound, i.e. over-approximating a rigorous model, formal methods approach to static analysis (e.g., using static program assertions). Sound methods contain no false negatives for bug-free programs, at least with regards to the idealized mathematical model they are based on (there is no "unconditional" soundness). Note that there is no guarantee they will report all bugs for buggy programs, they will report at least one.
Jovanovic et al. [28] have developed Pixy, which is the first open source tool for statically detecting XSS vulnerabilities in PHP 4 code by means of data follow analysis which is based on a static analysis technique. They adopted PHP as target language since it is commonly used for developing web applications [29] and a substantial number of security advisories refer to PHP programs [30]. Although the Pixy prototype is aimed at the detection of XSS vulnerabilities, it can be equally applied to other taint-style vulnerabilities such as SQL injection or command injection.
d0d94e66b7