Updated: 05/14/2008

PHP Penetration Tests (XSS, SQLI, CFLF, ACU)

PHP Penetration Test is a program for performing simple form based security tests. Securing the internet is upon to developers to create proper forms and applications. This is a tool for testing individual fields and values from various attacks. How to use this program: * Grab url of address you wish to test, the action url. * Click Tamper Post, 10 fields appear that are post field name : post field value * If you wish to test a post field click XSS for cross-side scripting or hit for SQL Injection tests * Then hit Run, it will tell you if it has exploits or if doesn t have a tested exploit. How to protect against XSS attacks * Clean all text displayed from user inputs with filter (ex. preg_replace( [a-z0-9] ,$ str);) How to protect against SQL Injections * Clean all inputs * Also escape text with mysql_escape_string() How to protect against Auth Attacks How to protect against Directory Access Attacks How to protect against CRLF attacks

• Categories
  • PHP →
  • Scripts and Programs →
  • Server Management
• Tags
  • access url,
  • action form php,
  • action php scripting,
  • create directory php,
  • create sql user,
  • create user sql,
  • form action php,
  • form php action,
  • form php post,
  • form php simple,
  • form post,
  • form post php,
  • form value,
  • forms php,
  • forms value,
  • how to use php,
  • if php then,
  • if sql,
  • if sql then,
  • if then php,
  • if then sql,
  • injection php sql,
  • injection sql,
  • penetration,
  • php action,
  • php action form,
  • php action post,
  • php address,
  • php and sql injection,
  • php auth user,
  • php developers,
  • php exploits,
  • php field,
  • php field name,
  • php fields,
  • php filter,
  • php form action,
  • php form post,
  • php forms,
  • php forms post,
  • php how to use,
  • php if and then,
  • php if then,
  • php if then or,
  • php injection,
  • php post,
  • php post form,
  • php post forms,
  • php scripting,
  • php sql,
  • php sql injection,
  • php sql injection attacks,
  • php test form,
  • php testing tool,
  • php url,
  • php user auth,
  • php with access,
  • post form,
  • post php,
  • securing php,
  • securing php forms,
  • securing sql,
  • simple php forms,
  • sql address,
  • sql based,
  • sql create,
  • sql create directory,
  • sql create user,
  • sql developers,
  • sql exploits,
  • sql if,
  • sql if then,
  • sql injection attacks,
  • sql injection php,
  • sql scripting,
  • sql scripting tool,
  • sql test,
  • sql testing,
  • sql tool,
  • sql user name,
  • test sql,
  • test with php,
  • text sql,
  • url php,
  • _post php,
  • _post php form
  • ...
• Platforms
  • Linux,
  • Windows,
  • FreeBSD,
  • Mac OSX,
  • Sun Solaris
• Licenses
  • Freeware
• Author
  • Hawk Enterprises