Download Shareware and Freeware Software for Windows, Linux, Macintosh, PDA

line Home  |  About Us  |  Link To Us  |  FAQ  |  Contact

Serving Software Downloads in 976 Categories, Downloaded 29.985.028 Times

Security scanner component for SimpleTest module 6.x-1.0

  Date Added: September 16, 2013  |  Visits: 219

Security scanner component for SimpleTest module

Report Broken Link
Printer Friendly Version


Product Homepage
Download (18 downloads)

Automated XSS scan of your Drupal website through Simpletest.This project is based on SimpleTest library which is developed to execute unit and browser testing of PHP code. SimpleTest is a framework for enabling automated code checking and has a browser component available which can simulate users entering form data or retrieving certain URLs. Within Drupal there is a team focused on the development of this recent module. Anyway, based on the results presented in GHOP (http://code.google.com/p/google-highly-open-participation-drupal/issues/...) concerning penetration testing, I would add a vulnerability analysis test for Sql Injection and Cross Site Scripting.This project is inspired by the scanner developed within Yahoo by Rasmus Lerdorf to detect the vulnerabilities in the web application, but that scanner is not open source.Existing tools such as code-checker.php e Coder module's are based on the research of regular expressions within the code, but no tool exists to simulate such attacks to detect vulnerabilities.How to use itThe module works from cron.php page. Tu run it, you have to activate security scanner and xss injector modules from modules page of your drupal installation. Then you have to backup your database. After doing so you have to set "Crawl" into the security scanner settings page and you have to add your own pattern.Then run cron.php file, it will takes a bit (about 100 seconds for me with a drupal default installation and all modules active).After doing that you have to start seeding, go again into the security scanner settings page and check "Seed", than save the settings and re-run cron.php. At this point, your drupal installation will be full of seeds. You could search for vulnerabilities walking into your webite or you can make the scanner do it for you, simply running again cron.php after setting "Checking seeds" into the settings page of the security scanner. If there are vulnerabilities you can see them as warning into the top of your web page after running the thirth time cron.php. Restore your db backup at the end of this process.For those who wants to help, the new Security Scanner Group (http://groups.drupal.org/security-scanner-component) is the right location.

Requirements: No special requirements
Platforms: PHP
Keyword: Backup Based Cronphp Detect Drupal Installation Module Modules Running Scanner Security Settings Simpletest Simulate Vulnerabilities
Users rating: 0/10

License: Freeware Size: 20.48 KB
SECURITY SCANNER COMPONENT FOR SIMPLETEST MODULE RELATED
Chat  -  Drupal Chat Module for Scripts 6.0
123 Flash Chat Server Software Introduction123 Flash Chat Server Software is a feature rich and high performance Java chat server with an amazing Flash chat client! It's a fast, easy and affordable way to host and manage real-time...
2.38 MB  
Modules  -  Job Queue Wrapper 6.x-1.0-beta1
This is a wrapper module which will mimic the API interface of Job Queue to allow the modules which use job queue to use the backported Drupal Queues module http://drupal.org/project/drupal_queue and also allow the use of other modules like the...
10 KB  
Modules  -  D&D Character Generator 6.x-1.0
This module is used to run the D&D Character Generator created by Jesse Smith inside your Drupal installation (D6 only).See his website: http://slicer69.tripod.com/Note that this is for the table top game Dungeons & Dragons version 3.5 only.Happy...
184.32 KB  
Utilities  -  PlayOnLinux 4.0.16
PlayOnLinux is a piece of sofware which allows you to easily install and use numerous games and apps designed to run with Microsoft?*A* Windows?*A*. Few games are compatible with GNU/Linux at the moment and it certainly is a factor preventing...
3.5 MB  
Modules  -  Scoutle 6.x-1.1
Support for the Scoutle social networking service. It enables the use of Scoutle stages that can be embedded in websites which connect blogs to other related blogs. For a website to embed a stage, the website has to be registered with a scout on...
10 KB  
Modules  -  WYSIWYG ImageField 6.x-1.1
The WYSIWYG ImageField module is an inline image management tool for the WYSIWYG module based on the ImageField and Insert modules with an IMCE-esque image library provided by the FileField Sources and Views modules.Features: * Support for WYSIWYG...
20.48 KB  
Modules  -  Multisite Search 1.0
This module allows you to create a way for end users to search across *all* sites seamlessly in a multi site Drupal installation. Users can search content of all the sites (Drupal multi site) and search can be initiated from any of the multi site...
 
Modules  -  Drupal Documentation 6.x-1.x-de
This provides Drupal documentation in a downloadable module that you can install and use from within your Drupal installation. This is not the project or issue queue that is used for the Drupal.org handbooks, you can find that under the...
10 KB  
Modules  -  Inline and link Drupal objects (Linodef) 6.x-1.0-rc5
Linodef is an input filter for embedding content of your Drupal installation (Drupal objects) into any textarea and link to it. The tags are based exclusively on object IDs which enables a highly dynamic usage. So links won't break and the...
71.68 KB  
Modules  -  Taxonomy CSV import 1.0
Installation - Copy the taxonomy_csv directory into the appropriate modules directory in your Drupal installation (recommended: sites/all/modules). - Go to Administer > Site building > Modules and enable the Taxonomy CSV import module. - Go to...
 
NEW DOWNLOADS IN SCRIPTS, MODULES
Scripts  -  Free Ecommerce website creator 1.2
Free Ecommerce website creator is a free PHP shop creating script. This allows you to put a online shop on your own website. Create your own free ecommerce website for Your Business. Create an online shop using easyGUI online shop creator. The...
1.44 KB  
Scripts  -  MochiGames PHP Script ZDR 1.00
MochiGames PHP Script ZDR is web site, ready for use, for flash games. These flash games are downloaded automatically by "MochiGames PHP Script ZDR" from MochiGames media. The use of the games is free, you can use your own Mochi Publisher ID and...
368.54 KB  
Scripts  -  Php Chat 2.0
Add a free php site, single sign-on and multiple skins, 100% free 1. Server Modes: The chat server has paid mode and free mode. If the free chat mode, a free chat room will be assigned to your website with your domain as the room name. 2....
938.87 KB  
Scripts  -  Nibbleblog 3.0.1
Nibbleblog it's a powerful engine for creation and manipulation of BLOG's completely free. Very simple to install and configure (Only 1 step). The database used is based on XML files and this way it is not necessary to use MySQL or similar DBMS....
371.09 KB  
Scripts  -  PHP File Manager | CloudOsys 2.9b8
CloudOsys is a PHP file manager, a tool that allows your visitors upload files such as media content directly to your website. Your visitors will upload files directly to your website, where they can share and comment on them. Through cloud...
1.41 MB  
Modules  -  TinyMCE Node Picker 6.x-2.1
This module will de discontinued and replaced with Node Picker as soon as a stable release is available.TinyMCE Node Picker provides a button in TinyMCE that displays a list of links to content. Choosing a link inserts it into the editor.The...
20.48 KB  
Modules  -  Fapilicious 5.x-1.x-de
Fapilicious is a collection of FormAPI goodies.I hope to make it a repository of reusable FormAPI trickery and short cuts. Currently it has small collection of powerful FormAPI element validators.Please submit your favorite tricks as patches so we...
10 KB  
Modules  -  Donation Goals 6.x-1.x-de
The Donation Goals module lets you create nodes of the type "Donation Goal." These goals allow you to set an amount of money you'll need for whatever you're saving up for. Visitors of the site can then donate money through PayPal. Once the target...
20.48 KB  
Modules  -  Plica Twitter 1.0.1
Plica TwitterInstallation : * Download, unzip, and install plugin dir in /wp-content/plugins * Activate * All right now
10 KB  
Modules  -  Page Array 5.x-1.x-de
The pagearray module is a small (single function) helper module that can be used whenever there is a need to load the output of any Drupal path in data form. Based on the code in index.php, Page Array bypasses the theme('page') call, instead...
10 KB