June 19, 2009
PHP Interpreter Modified To Find XSS and Injection Holes, Automatically Generates Attacks
Researchers have built a tool that automatically finds and exploits SQL injection and cross-site scripting vulnerabilities in Web applications. The so-called Ardilla tool uses a technique developed by the researchers -- MIT's Adam Kiezun, the University of Washington's Michael Ernst, Stanford's Philip Guo, and Syracuse University's...