secreview.php
<?php
/**
 * secreview.php is a command-line-only tool used for identifying potentially
 * vulnerable code.
 *
 */
//include("lib/secreview.php");
include ("lib/xss.php");
//include ("lib/sqli.php");
/**
 * [NOTES] (will be removed eventually) ...still developing...
*
* instantiate our classes and make sure things are good to go.
*
* Processes
* =========
*
 * Run checks against code, looking at functions and flow, to determine:
 * - is input tainted?
 * - is it sanitized?
 * - does tainted input flow into output?
 * - was it sanitized?
 * - is it encoded?
 * - does tainted input flow into a database?
 * - was it sanitized?
 * - does output from a database get encoded before output to the user?
*
* Identify the following:
* - entry points
* - tainted input
* - tainted database queries
* - output points
* - input from user
* - database
*
* We need a request class that will generate requests
*
* Questions:
* How are we going to know what to run our command-line tests against?
*
*/
// Command-line only: require the codebase path instead of reading an unset $argv[1].
if ($argc < 2) {
    fwrite(STDERR, "Usage: php secreview.php <path-to-codebase>\n");
    exit(1);
}
$codebase = $argv[1];
echo "[*] Performing security review on codebase: " . $codebase . "\n";
$secrev = new secrevphp\Xss();
/**
* TESTING [begin]
* code in this section is to be used purely for testing purposes
*
*/
$secrev->identify_inputs();
/**
* TESTING [end]
*/
?>
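The process sketched in the notes above (identify entry points, track whether tainted input is sanitized, check whether it reaches an output point) as an added example, not code from secreview.php or lib/xss.php. It uses PHP's built-in token_get_all() tokenizer; the function names, the source and sanitizer lists, and the sample target are assumptions made for this illustration.

```php
<?php
// Added example (not code from secreview.php or lib/xss.php): a minimal
// token-based taint pass. Names, lists and the sample target are assumptions.
// Entry points: reading any of these superglobals yields tainted data.
const TAINT_SOURCES = ['$_GET', '$_POST', '$_REQUEST', '$_COOKIE', '$_SERVER'];
// Calls that make a value safe for an HTML output sink (echo / print).
const HTML_SANITIZERS = ['htmlspecialchars', 'htmlentities'];

// Tokenize $code and split it into statements at ';', dropping whitespace, comments
// and open/close tags. Tokens become [id, text, line]; single characters get a null id.
function split_statements(string $code): array
{
    $skip = [T_WHITESPACE, T_COMMENT, T_DOC_COMMENT, T_OPEN_TAG, T_CLOSE_TAG];
    $statements = [[]];
    $line = 1;
    foreach (token_get_all($code) as $tok) {
        if (is_array($tok)) {
            $line = $tok[2];
            if (!in_array($tok[0], $skip, true)) {
                $statements[count($statements) - 1][] = [$tok[0], $tok[1], $line];
            }
        } elseif ($tok === ';') {
            $statements[] = [];                          // next statement
        } else {
            $statements[count($statements) - 1][] = [null, $tok, $line];
        }
    }
    return array_values(array_filter($statements));     // drop empty ones
}

// True when the whole expression is one sanitizer call: the '(' after the sanitizer
// name must be closed by the last token, so "htmlspecialchars($a) . $_GET['x']" is NOT wrapped.
function wrapped_by_sanitizer(array $expr): bool
{
    $n = count($expr);
    if ($n < 3 || $expr[0][0] !== T_STRING || $expr[1][1] !== '('
        || !in_array(strtolower($expr[0][1]), HTML_SANITIZERS, true)) {
        return false;
    }
    for ($i = 1, $depth = 0; $i < $n; $i++) {
        if ($expr[$i][1] === '(') {
            $depth++;
        } elseif ($expr[$i][1] === ')' && --$depth === 0) {
            return $i === $n - 1;
        }
    }
    return false;
}

// Tainted: reads a source or an already-tainted variable, and the outermost
// operation is not a sanitizer call.
function expr_is_tainted(array $expr, array $tainted): bool
{
    if (wrapped_by_sanitizer($expr)) {
        return false;
    }
    foreach ($expr as [$id, $text]) {
        if ($id === T_VARIABLE && (in_array($text, TAINT_SOURCES, true) || isset($tainted[$text]))) {
            return true;
        }
    }
    return false;
}

// Propagate taint through straight-line "$var = <expr>" assignments and
// report echo / print sinks that receive unencoded tainted data.
function analyze(string $code): array
{
    $tainted = [];   // '$var' => line where it became tainted
    $findings = [];
    foreach (split_statements($code) as $stmt) {
        $first = $stmt[0];
        if ($first[0] === T_VARIABLE && isset($stmt[1]) && $stmt[1][1] === '=') {
            if (expr_is_tainted(array_slice($stmt, 2), $tainted)) {
                $tainted[$first[1]] = $first[2];
            } else {
                unset($tainted[$first[1]]);          // overwritten with clean data
            }
        } elseif ($first[0] === T_ECHO || $first[0] === T_PRINT) {
            if (expr_is_tainted(array_slice($stmt, 1), $tainted)) {
                $findings[] = sprintf('line %d: tainted data reaches %s without HTML encoding', $first[2], $first[1]);
            }
        }
    }
    return $findings;
}

// Constructed sample target; secreview.php would read real files from $argv[1].
$sample = <<<'PHP'
<?php
$name = $_GET['name'];
$safe = htmlspecialchars($_GET['name'], ENT_QUOTES, 'UTF-8');
$copy = $name;
echo "Hello " . $name;
echo "Hello " . $safe;
echo $copy;
echo htmlspecialchars($copy, ENT_QUOTES, 'UTF-8');
PHP;
echo implode("\n", analyze($sample)), "\n";
```

Run it with the PHP CLI; it reports the two echo statements that emit $name and $copy unencoded, while the htmlspecialchars()-wrapped values pass. The pass is deliberately narrow: it follows only straight-line assignments in one file, ignores control flow, function boundaries and string functions that preserve taint, and treats htmlspecialchars() as sufficient for every sink, which is only true for HTML text and quoted attribute contexts; output into JavaScript, URLs or CSS needs a context-specific encoder.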