Archive for the ‘sql’ Category

Pixy: XSS and SQLI Scanner for PHP Programs

Pixy is a free Java program that performs automatic scans of PHP 4 source code, aimed at the detection of Cross-site scripting (XSS) and SQL injection (SQLI) vulnerabilities. Pixy takes a PHP program as input, and creates a report that lists possible vulnerable points in the program, together with additional information for understanding the vulnerability.

There is also a easy to use webinterface where you can upload your files or paste the code to analyse it.