Code Review Software

Hi,

i have an application that allows users to login and update sensative information as well as upload download content.

i would like to know if there is a good software out there that can look over my code and determine if there are some loops.

essentially i want to have a product that will do basic scans, prentration and vunerability scans  before i pay a professional to look over it

thanks a lot
LVL 6
J NUnicorn wranglerAsked:
Who is Participating?
 
btanExec ConsultantCommented:
Specific to owasp top 10 vulnerability for php and php security open consortium sharing of specific gaps ..you can check this out below

http://www.sklar.com/page/article/owasp-top-ten
http://phpsec.org/projects/guide/

Tools wise you may want to see RIPS or DevBug

http://sourceforge.net/projects/rips-scanner/
http://www.devbug.co.uk/#
0
 
J NUnicorn wranglerAuthor Commented:
the code i am looking to be reviewed is php
0
 
btanExec ConsultantCommented:
0
 
Rich RumbleSecurity SamuraiCommented:
There are some tools out there as well that look at your source
PHP Code Sniffer, PHP Sat, PHP AST, PHP Lint, PHP Depend, xDebug
Often these tools however do not detect what you're aiming to detect, and they certainly don't secure your code. There are a lot of do not do's in PHP and coding in general. Scan your web application using Nessus/MetaSploit/W3af/Nikito. If you use MySQL or MSSQL you can use SQLNinja (ms only) and or SQLmap to detect injections. Have a look here
http://www.coresec.org/2011/07/18/sql-injection-scanners/
-rich
0
 
J NUnicorn wranglerAuthor Commented:
thanks everyone BIG help!!!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.