security Archives

Exakat 1.7.7 Review

Posted on May 1, 2019October 6, 2020 by dams

01
May

Exakat 1.7.7 Review Exakat 1.7.7 brings two new analyses : implode() with one argument, and a sneaky security vulnerability. It is the infamous check with integers. Show me the Exakat 1.7.7 review now! Implode() with one argument Implode() is a PHP native function, which has been around since the last millennium. I am pretty certain […]

Continue reading →

Technology

Exakat 1.6.6 Review

Posted on February 12, 2019October 6, 2020 by dams

12
Feb

Exakat 1.6.6 Review The Exakat 1.6.6 was born in Miami, during sunshine PHP 19. The conference is incredibly energetic, and with the help of fellow attendees, it provided inspiration for some interesting update : PHP supports strings with logical operators (good for security); Exakat reviews typehint and check if they are sufficient in the method […]

Continue reading →

Code auditing, Technology

Exakat 1.5.5 review

Posted on November 27, 2018October 6, 2020 by dams

27
Nov

Exakat 1.5.5 Review Exakat 1.5.5 is the sinkterklas version : it brings a lot of speed, reports and analysis on its boat, from Spain. Seriously, Exakat 1.5.5 now reports your HTTP headers for unsafe configuration; it also suggests speed up tricks for fputcsv(), and it recommends using the file() functions, instead of fileget_contents(). Then, Exakat […]

Continue reading →

Code auditing, Technology

The Land Where PHP Uses eval()

Posted on October 2, 2018December 18, 2023 by dams

02
Oct

The Land Where PHP Uses eval() It is 2018, and the PHP world useseval() in more than 28% of every PHP code source. It is repeatedly reported as a security issue and a performance bottleneck, and a memory hazard. Yet, we can’t get rid of it. It seems reasonable to think that most of eval […]

Continue reading →

Event

Comment automatiser la revue de code du TOP 10 OWASP ?

Posted on March 7, 2018 by dams

07
Mar

Comment automatiser la revue de code du TOP 10 OWASP ? On ne présente plus le TOP 10 de OWASP : l’Open Web Application Security Project est une organisation à but non lucratif qui oeuvre pour la sécurité des applications. Le Top 10 OWASP liste les risques de sécurité des applications. Il a été conçu afin de […]

Continue reading →

Code auditing

Exakat 0.12.15 review

Posted on October 10, 2017 by dams

10
Oct

Exakat 0.12.15 review Exakat 0.12.15 is the second October release. Exakat has three new analysis: one target security with uploaded files, another unanchored regex, and the last is about variables that may hold different types. Also, every audit now sports a name, for easier differentiation: after a while, multiples audits may look the same. Now, […]

Continue reading →

Want to Keep in touch with us, subscribe to our newsletter !

Login