 |
Categories |
|
 |
|
| PHP Penetration Tests (XSS, SQLI, CFLF, ACU)
|
Hits: 359
|
|
Description: PHP Penetration Test is a program for performing simple form based security tests. Securing the internet is upon to developers to create proper forms and applications. This is a tool for testing individual fields and values from various attacks. How to use this program:
* Grab url of address you wish to test, the action url.
* Click Tamper Post, 10 fields appear that are “post field name” : “post field value”
* If you wish to test a post field click XSS for cross-side scripting or hit for SQL Injection tests
* Then hit Run, it will tell you if it has exploits or if doesn’t have a tested exploit.
How to protect against XSS attacks
* Clean all text displayed from user inputs with filter (ex. preg_replace(’[a-z0-9]’,$ str);)
How to protect against SQL Injections
* Clean all inputs
* Also escape text with mysql_escape_string()
How to protect against Auth Attacks How to protect against Directory Access Attacks How to protect against CRLF attacks
|
| Resource Specification |
| Platform(s): |
linux, windows, freebsd, osx, sun |
| Date Added: |
May 14, 2008 |
| Last Updated: |
May 14, 2008 |
| Author: |
Hawk Enterprises |
Average Visitor Rating:
4.50 (out of 5)
Number of Ratings: 2 Votes |
| Visitor ratings breakdown by period |
| Last 7 Days |
0 |
0 |
0 |
0 |
0 |
0.00 |
| Last Month |
0 |
0 |
0 |
0 |
0 |
0.00 |
| Last Year |
0 |
0 |
0 |
1 |
1 |
4.50 |
| Overall |
0 |
0 |
0 |
1 |
1 |
4.50 |
| |
1 |
2 |
3 |
4 |
5 |
AVG |
|
|
|
| Visitor Rating Totals |
|
|
|
|
|
| 1 |
2 |
3 |
4 |
5 |
|
|
|
|
|
| Other Links by This Member |
|
|
|
|
Notes
