Monday, March 23, 2009

SWFScan - Flash Vulnerability Scanner

HP SWFScan, a free tool developed by HP Web Security Research Group, will automatically find security vulnerabilities in applications built on the Flash platform.
We are offering SWFScan because:

* Our research shows that developers and increasingly implementing applications built on the Adobe Flash platform without the required security expertise.
* As a result, we are seeing a proliferation of insecure applications being deployed on the web.
* A vulnerable application built on the Flash platform widens your website’s attack surface creating more opportunity for malicious hackers.

How SWFScan works and what vulnerabilities it finds:

* Decompiles applications built on the Adobe Flash platform to extract the ActionScript code and statically analyzes it to identify security issues such as information disclosure.
* Identifies and reports insecure programming and deployment practices and suggests solutions.
* Enables you to audit third party applications without requiring access to the source code.


No comments: