Monday, January 9, 2012

PHP Vulnerability Hunter v. Released

PHP Vulnerability Hunter is an advanced automated whitebox fuzz testing tool capable of triggering a wide range of exploitable faults in PHP web applications. Minimal configuration is necessary to begin a scan; PHP Vulnerability Hunter doesn’t even need a user specified starting URI.


Added tooltips to GUI
Added input map report
Added automatic error reporting
Added connection timeout setting
Added port setting
Added code coverage accuracy options
Added static analysis phase
Added dynamic function call/class instantiation scan
Added superglobal hook option
Added repair mode Minor CLI tweaks
Changed default timeout to 60 seconds
Scan mode and input count now shown with each response
Several improvements to code annotation
Updated help menu shortcut to point to local copy of guide
Several launcher improvements
Improved XSS scan
Reports and dumps are now written to subdirectory
Alert messages are now sanitized to remove beep chars
Fixed GUI window size
Fixed client connection error handling
Fixed multiple http implementation bugs  


No comments: