Australian Joomla User Groups - Joomla.org.au

Monday, May 21st

Last update05:36:30 AM GMT

About Guides FAQs

Font Size

Screen

Profile

Layout

Menu Style

Apply Reset  
Cpanel
Welcome, Guest
Username Password: Remember me
Forgot your password? Forgot your username? Create an account
JoomlaOz
JoomlaOz
JoomlaOz Discussion

jhttp_scan A Utility for scanning Joomla sites
(1 viewing) (1) Guest
Reply Topic
New Topic
  • Page:
  • 1

TOPIC: jhttp_scan A Utility for scanning Joomla sites

jhttp_scan A Utility for scanning Joomla sites 2 years, 2 months ago #2620

  • eddieajau
  • OFFLINE
  • Administrator
  • Posts: 50
  • Karma: 2
I'm often asked to do a security review of extensions for some clients. This can be daunting but one of the easiest safety checks to do is ensure the define('_JEXEC') or die line is in every PHP file. I've written this tool to help automate that process.

www.theartofjoomla.com/extensions/jhttp-scan.html

I'd love it if some site implementers can run it over their standard "stacks" to see what they come up with.

Please note, this is not an extension, it's a command line utility.

And just for reference, the next steps I do is a sweep on global variables, then I check every database setQuery call to ensure variables are being correctly sanitised.
Reply Quote
Reply Topic
New Topic
  • Page:
  • 1
JoomlaOz
JoomlaOz
JoomlaOz Discussion
Powered by Kunena
Time to create page: 0.30 seconds
You are here: Forum

Australian Joomla User Groups : Sydney Joomla User Group : Melbourne Joomla User Group : Adelaide Joomla User Group : Canberra Joomla User Group : Brisbane Joomla User Group : Byron Bay Joomla User Group : Perth Joomla User Group : Toowoomba Joomla User Group