Source code verification tools / verification programs / source code analysis tool / secure code check / defective code inspection
PHP secure code analysis tools
- Progpilot - Progpilot is a static analyzer tool for PHP that detects security vulnerabilities such as XSS and SQL Injection.
- RIPS
  - RIPS is a static source code analyzer for vulnerabilities in PHP web applications. Please see notes on the sourceforge.net site.
  - It seems to have become a commercial product as the version was updated. The old version does not seem to support recent PHP.
- phpcs-security-audit
  - phpcs-security-audit is a set of PHP_CodeSniffer rules that finds flaws or weaknesses related to security in PHP and its popular CMS or frameworks. It currently has core PHP rules as well as Drupal 7 specific rules.
- VisualCodeGrepper (VCG)
  - Scans C/C++, C#, VB, PHP, Java, and PL/SQL for security issues and for comments which may indicate defective code. The config files can be used to carry out additional checks for banned functions or functions which commonly cause security issues.
  - It is for Windows. An .msi is provided. It is not hard to use.