Security scanner component for SimpleTest module
- Downloads:
- Views:
- Rating:

Automated XSS scan of your Drupal website through Simpletest.
This project is based on SimpleTest library which is developed to execute unit and browser testing of PHP code. SimpleTest is a framework for enabling automated code checking and has a browser component available which can simulate users entering form data or retrieving certain URLs. Within Drupal there is a team focused on the development of this recent module. Anyway, based on the results presented in GHOP (http://code.google.com/p/google-highly-open-participation-drupal/issues/...) concerning penetration testing, I would add a vulnerability analysis test for Sql Injection and Cross Site Scripting.
This project is inspired by the scanner developed within Yahoo by Rasmus Lerdorf to detect the vulnerabilities in the web application, but that scanner is not open source.
Existing tools such as code-checker.php e Coder module's are based on the research of regular expressions within the code, but no tool exists to simulate such attacks to detect vulnerabilities.
How to use it
The module works from cron.php page. Tu run it, you have to activate security scanner and xss injector modules from modules page of your drupal installation. Then you have to backup your database. After doing so you have to set "Crawl" into the security scanner settings page and you have to add your own pattern.
Then run cron.php file, it will takes a bit (about 100 seconds for me with a drupal default installation and all modules active).
After doing that you have to start seeding, go again into the security scanner settings page and check "Seed", than save the settings and re-run cron.php. At this point, your drupal installation will be full of seeds. You could search for vulnerabilities walking into your webite or you can make the scanner do it for you, simply running again cron.php after setting "Checking seeds" into the settings page of the security scanner. If there are vulnerabilities you can see them as warning into the top of your web page after running the thirth time cron.php. Restore your db backup at the end of this process.
For those who wants to help, the new Security Scanner Group (http://groups.drupal.org/security-scanner-component) is the right location.
Free download from Shareware Connection - Automated XSS scan of your Drupal website through Simpletest.
Version: 6.x-1.0 | Size: 20 KB | Platform: PHP, Scripts
Released Date: 23-06-2013 | Rating: 0 | Title: Security scanner component for SimpleTest module
Author Url: http://drupal.org
Program Info Url: http://drupal.org
Download Url: http://ftp.drupal.org/files/projects/security_scanner-6.x-1.0.tar.gz
bbPress Post Topics
Mobile Comments Signature
bbPress Admin Bar Addition
All In One Social Network Buttons
Add image to Post
Toggle WWW
Simple Full Screen Background Image
Mobile App Showcase Widget
Trucking Cargo Fleet Mgmt
BanglaPress
Paint Color Insert Tool
Add Links to Pages
Zopim Live Chat Addon
Social Networks
Affiliate Programs
Animation
Auctions
Audio Systems
Banner Rotation
Blog
Bulletin Boards & Forums
Business & Enterprise
Buttons
Calendars & Events
Charts & Graphs
Chat
Classified Ad Managers
Communication
Dell Automated Scan
Automated Scan Save
Dell Pc Automated Scan
Automated Ebay Scan
Ocr Scan Automated
Acronis Backup & Recovery 11 Advanced Server - Acronis Backup & Recovery Advanced Server provides enterprise functionality and system restore backup data, such as: data deduplication, security improved, based management strategies and scoreboard operations.
Aobo Filter for Mac Standard - Aobo Filter for Mac Standard is an internet filtering and website blocking application that helps Mac OS X users to block adult websites, stop games, applications and record visited websites on Mac. Aobo Filter for Mac Standard provides 5-day free tr
Parrot Backup - Parrot Backup is the free, easy-to-use software that makes it simple to backup your important files to a flash drive, CD, DVD, Blu-ray, external hard drive, or network drive. Parrot Backup contains no malware and no ads.
EZ Eudora Backup Premium - EZ Eudora Backup Premium makes it easy to backup your mail and address book to a ZIP archive or to CD/DVD and works with the Windows Task Scheduler to provide a completely automated backup solution.
EZ Eudora Backup Pro - EZ Eudora Backup Pro makes it easy to backup your mail and address book to a ZIP archive or to CD/DVD and works with the Windows Task Scheduler to provide a completely automated backup solution.
Shareware Connection periodically updates pricing and software information of 'Security scanner component for SimpleTest module' from company source 'Dario Ghilardi' , so some information may be slightly out-of-date. You should confirm all information before relying on it. Software piracy is theft, Using 'Security scanner component for SimpleTest module' crack, password, serial numbers, registration codes, key generators is illegal and prevent future development of Security scanner component for SimpleTest module.
7-Data Recovery Suite Free Edition - When you are dealing with lots of data it may be necessary at times to recover deleted data. The data may be deleted by mistake or by someone else. In such instances, it becomes necessary to retrieve the deleted data. You need to use third party ...
Imagina - Average PC users have to deal with an ever increasing number of digital images these days. This has become a trend after invasion of digital cameras and smart phone with high quality cameras among the mass. You also need to edit and retouch ...
Potatoshare Systemnanny - People use PCs for various needs nowadays. A computer is not used to run office productivity or accounting software alone anymore. It is also used for tasks like web browsing, media playback, file conversion, and myriad related needs. After ...
Qustodio Free Parental Control - Without using the Internet, it is extremely difficult to obtain information, seek entertainment or look for study references but there is a downside to it as well. While some tech savvy kids master the tricks to bypass monitoring of their parents ...
EasyBrake - PC users often need to convert videos from various formats to other formats that suit their needs. As expected, there are hundreds of free and paid apps to accomplish such tasks nowadays. It is not mandatory that you will have to pay a high ...
Quick Crypt - PC users have become more conscious and careful about privacy of their data these days, especially about the data they need to share with others. There are valid reasons for this trend. Instances of personal information theft and attacking are on ...
HDD Guardian - No matter how costly a desktop or laptop is, it is necessary to keep a tab on its hardware components. While you can spot signs and symptoms of hardware malfunction and impending failure in some instances, some mishaps may just strike you out of ...
ChrisPC Free Video Converter - Even a few years back, video conversion was not commonplace among average PC users. However, with tremendous progress made in computer software and hardware things have changed. Now, it is quite common to see your neighborhood college student ...
MusicBee - Irrespective of what type of a PC you use, it will be necessary to use a media player app from time to time. If the WMP is not your cup of tea, you will have to pick from third-party music player apps. The problem with some such apps is that ...
Privatefirewall - Everything in life has two sides to it and same can be said about technological innovations. It is quite hard to carry out most activities without resorting to the web these days. Yet the internet itself is also the reservoir of malicious ...
