In the months following the PHP "Month of Bugs", we have seen all sorts of exploits developed and publicized ranging from the obscure to warnings of vulnerable WordPress-based blogs. How do you know if your PHP applications are not affected by a bug, or worse yet, already compromised? Bring in a new tool from Secure Systems Lab - Pixy, an open source vulnerability scanner for PHP applications. Get this before they get you!

Cross-site scripting (XSS) and SQL injection (SQLI) vulnerabilities are present in many modern web applications, and are reported continuously on pages such as BugTraq. In the past, finding such vulnerabilities usually involved manual source code audits. Unfortunately, this manual vulnerability search is a very tiresome and error-prone task.

The link for this article located at Secure Systems Lab is no longer available.