Posts tagged php-security

PHPSecInfo talk at OSCON 2008

Tuesday, July 22, 2008 by Ed Finkler in R&D, Secure IT Practices
Share:

OSCON 2006: Energizing the Industry

If you’re at OSCON, and you love security, you may or may not enjoy my talk on PHPSecInfo, a security auditing tool for the PHP environment. I’m actually going to try to show some new code, so if you’ve seen it before, you can see it again – for the first time.

The talk is at 1:45pm Thursday, 07/24/2008.

Tags: auditing, php, tool, phpsecinfo, php-security, oscon, oscon2008

Post a comment (0 so far) »

PHPSecInfo v0.2 now available

Monday, February 26, 2007 by Ed Finkler in Infosec Education, R&D, Secure IT Practices
Share:

PHPSecInfo Screenshot PHPSecInfo Screenshot

The newest version of PHPSecInfo, version 0.2, is now available.  Here are the major changes:

  • Added link to “more info” in output.  These lead to pages on the phpsec.org site giving more details on the test and what to do if you have a problem
  • Modified CSS to improve readability and avoid license issue with PHP (the old CSS was derived from the output of phpinfo())
  • New test: PhpSecInfo_Test_Session_Save_Path
  • Added display of “current” and “recommended” settings in test result output
  • Various minor changes and bug fixes; see the CHANGELOG for details

-Download now

-Join the mailing list

 

Tags: infosec, php, tool, phpsecinfo, php-security, audit

Post a comment (0 so far) »