Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Code Review Software

Posted on 2013-01-18
5
Medium Priority
?
291 Views
Last Modified: 2013-01-21
Hi,

i have an application that allows users to login and update sensative information as well as upload download content.

i would like to know if there is a good software out there that can look over my code and determine if there are some loops.

essentially i want to have a product that will do basic scans, prentration and vunerability scans  before i pay a professional to look over it

thanks a lot
0
Comment
Question by:J N
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 6

Author Comment

by:J N
ID: 38793574
the code i am looking to be reviewed is php
0
 
LVL 64

Assisted Solution

by:btan
btan earned 1336 total points
ID: 38795840
0
 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 664 total points
ID: 38796382
There are some tools out there as well that look at your source
PHP Code Sniffer, PHP Sat, PHP AST, PHP Lint, PHP Depend, xDebug
Often these tools however do not detect what you're aiming to detect, and they certainly don't secure your code. There are a lot of do not do's in PHP and coding in general. Scan your web application using Nessus/MetaSploit/W3af/Nikito. If you use MySQL or MSSQL you can use SQLNinja (ms only) and or SQLmap to detect injections. Have a look here
http://www.coresec.org/2011/07/18/sql-injection-scanners/
-rich
0
 
LVL 64

Accepted Solution

by:
btan earned 1336 total points
ID: 38797552
Specific to owasp top 10 vulnerability for php and php security open consortium sharing of specific gaps ..you can check this out below

http://www.sklar.com/page/article/owasp-top-ten
http://phpsec.org/projects/guide/

Tools wise you may want to see RIPS or DevBug

http://sourceforge.net/projects/rips-scanner/
http://www.devbug.co.uk/#
0
 
LVL 6

Author Closing Comment

by:J N
ID: 38801321
thanks everyone BIG help!!!
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Originally, this post was published on Monitis Blog, you can check it here . In business circles, we sometimes hear that today is the “age of the customer.” And so it is. Thanks to the enormous advances over the past few years in consumer techno…
Without even knowing it, most of us are using web applications on a daily basis.  In fact, Gmail and Yahoo email, Twitter, Facebook, and eBay are used by most of us daily—and they are web applications. We generally confuse these web applications to…
Viewers will learn about arithmetic and Boolean expressions in Java and the logical operators used to create Boolean expressions. We will cover the symbols used for arithmetic expressions and define each logical operator and how to use them in Boole…
Viewers will learn one way to get user input in Java. Introduce the Scanner object: Declare the variable that stores the user input: An example prompting the user for input: Methods you need to invoke in order to properly get  user input:

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question