Pixy is an XSS and SQLI scanner for PHP programs. It is very good at finding Cross-Site Scripting (XSS) and SQL Injection (SQLI) vulnerabilities. Its Web page is http://pixybox.seclab.tuwien.ac.at/pixy/.
We are providing a wrapper for Pixy that allows handling of multiple files and parsed output.
yum install --enablerepo slc5-testing,slc5-cernonly pixy
# as ROOT
# * install Sun Java 1.6+
# * install graphviz
# * install Perl
# * install perl-LC library
#   RPM: http://linuxsoft.cern.ch/cern/slc5X/i386/yum/os/perl-LC-1.1.2-1.noarch.rpm
#   source code: http://cons.web.cern.ch/cons/perl/

# as REGULAR USER or ROOT - as you prefer
cd <where you want to have Pixy code>
wget http://pixybox.seclab.tuwien.ac.at/pixy/dist/pixy_3_03.zip
unzip pixy_3_03.zip
cd Pixy
rm -rf run-all.pl run-all.bat scripts testfiles test src
wget -O pixy http://cern.ch/security/codetools/files/pixy
sed -i "s|/usr/share/java/pixy|`pwd`|" pixy
chmod u+x pixy
Pixy reports the vulnerabilities it finds and generates dependency graphs. These graphs help you understand how a non-sanitized user input value is used in subsequent PHP commands/calls, until it is used for generating HTML (resulting in a Cross-Site Scripting vulnerability) or for accessing a database (resulting in a SQL Injection vulnerability). We strongly encourage you to look at these graphs - they are extremely useful in localising the vulnerability.
Warning: Unfortunately, Pixy may sometimes throw a Java exception. These errors are not deterministic, so don't get discouraged; just run Pixy again with exactly the same arguments as before.
Just point Pixy to the directory with your PHP code.
pixy -c --xml -o report.xml -t report_directory <path_to_directory>
Run pixy -h for help.
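The retry advice from the warning above, written as a shell function (an added example, not part of Pixy or the CERN wrapper). It assumes a failed run either exits non-zero or leaves a Java stack trace in its output; the function name run_with_retry and the log file name are hypothetical.

```shell
#!/bin/sh
# Added example: re-run a flaky scanner command with identical arguments.
# Assumption (not stated on the page): a failed run exits non-zero or prints
# a Java stack trace such as 'Exception in thread "main" java.lang....'.

# run_with_retry MAX_ATTEMPTS LOGFILE COMMAND [ARGS...]
# Returns 0 as soon as one attempt succeeds, 1 if every attempt failed,
# 2 on bad usage. LOGFILE holds the output of the most recent attempt.
run_with_retry() {
    if [ "$#" -lt 3 ]; then
        echo "usage: run_with_retry MAX_ATTEMPTS LOGFILE COMMAND [ARGS...]" >&2
        return 2
    fi
    _rwr_max=$1
    _rwr_log=$2
    shift 2
    _rwr_try=1
    while [ "$_rwr_try" -le "$_rwr_max" ]; do
        # Overwrite the log on each attempt so an old trace cannot
        # make a later clean run look like a failure.
        if "$@" >"$_rwr_log" 2>&1; then
            _rwr_status=0
        else
            _rwr_status=$?
        fi
        # A zero exit status is not trusted on its own: also reject runs
        # whose output contains a Java exception or error name.
        if [ "$_rwr_status" -eq 0 ] &&
           ! grep -Eq 'Exception in thread|java\.[A-Za-z.]+(Exception|Error)' "$_rwr_log"
        then
            echo "attempt $_rwr_try/$_rwr_max succeeded" >&2
            return 0
        fi
        echo "attempt $_rwr_try/$_rwr_max failed (exit $_rwr_status)" >&2
        _rwr_try=$((_rwr_try + 1))
    done
    return 1
}

# Usage with the command from this page (the path is a placeholder):
# run_with_retry 5 pixy.log pixy -c --xml -o report.xml -t report_directory <path_to_directory>
```

If all attempts fail, the log file still holds the last stack trace, which is the one to keep for a bug report.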