The service has passed beta testing and is now in production. We can say with confidence that 9 of 10 vulnerabilities it finds actually exist! This figure is higher than that of any other PHP code vulnerability scanner. The number of vulnerabilities found is also higher than that of any other PHP code scanner, as well as of any scanner that works by selecting input parameters. The only requirement for scanning is to upload an archive that includes all the functions used in the scanned files. The scanner treats any function that is not described in the uploaded archive as dangerous, which can cause errors in the report.
If you are not able to upload the files that describe these functions, please list their names, separated by commas, in the list box of shielded functions.
Some mistrustful people accused our scanner of stealing source code. We therefore divided the scanner into a client part and a server part. For those who are not afraid to upload their source code, it works just as before. But now you can also download the client part (in Java). Copy the file to your project folder and run it. The script will analyze the files and select the parts of the code needed for further analysis. All of this is collected and stored in a file. You then only have to upload this file to the server part of the scanner to get a report.
The scanner is a pseudo-free product. It shows the total number of vulnerabilities found and the first three of them. The full scan report is available to VIP users. It requires registration and payment by whatever method is convenient for you. But if you cannot pay for VIP status for some reason, the scanner will show the first 3 vulnerabilities found for free. You can see the next 3 on a second scan, after fixing the first three. In any case, you can always contact us using the contact details on the site, and we will help you eliminate the vulnerabilities. All other services on our website are free! Here are some of them:
Find-Date - Searches for shells uploaded to the site by an attacker.
Find-Port - Checks for open ports.
Find-Info - A utility for checking permissions on folders and files.
Find-Error - Bulk check of files for syntax errors.
Find-Ads - An advertising exchange service.
Find-Ip - An IP detection button.
Find-Online - A button for detecting the visitors of your website.
Find-Echange-Rate - Currency quotes.
A plugin (add-on) for Firefox, “Find-XSS-Fire”, will be available in a few weeks. It will try parameters in the address bar in order to find vulnerabilities (XSS, SQL injection, PHP file inclusion and others). It will certainly not be as powerful as our XSS scanner, because it treats the site as a black box and tries to find a key to it. But it can find things that the XSS scanner did not find, and it is absolutely free, like most of our services. “Find-XSS-Fire” could easily be used to hack someone else's site, and we ask you to refrain from doing so. The aim of our project is to protect the Internet from hacking, not the other way around.
I wish you fewer problems with your project's security!