Web Application Protection download

WAP automatic detects and corrects input validation vulnerabilities in web applications written in PHP Language (version 4.0 or higher) and with a low rate of false positives.

WAP detects the following vulnerabilities:
- SQL injection using MySQL, PostgreSQL and DB2 DBMS
- Reflected cross-site scripting (XSS)
- Stored XSS
- Remote file inclusion
- Local file inclusion
- Directory traversal
- Source code disclosure
- OS command injection
- PHP code injection

WAP is a static analysis tool that performs taint analysis to detect vulnerabilities, tracking malicious users inputs and checking if they reach calls of sensitive functions. It has a low rate of false positives because has implemented a data mining module to predict false positives when detects vulnerabilities.

The output of the tool is:
- shows the vulnerabilities found and how they are corrected
- new files with the corrections

Features

Vulnerabilities
Web application
Automatic correction
PHP

Project Samples

Project Activity

See All Activity >

License

GNU General Public License version 3.0 (GPLv3)

Follow Web Application Protection

Web Application Protection Web Site

Other Useful Business Software

Our Free Plans just got better! | Auth0

With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.

Try free now

Rate This Project

User Ratings

5.0 out of 5 stars

★★★★★

★★★★

★★★

★★

★

ease 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

features 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

design 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

support 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

User Reviews

Filter Reviews:

All

aaditya1234 Posted 2017-06-20

Seemed nice for basic analysis.
iberiam Posted 2014-12-09

Many articles are talking about WAP!! Read news in the WAP web site to access to the articles.

Additional Project Details

Operating Systems

Linux, Mac, Windows

Intended Audience

Developers, Testers, Security Professionals

User Interface

Console/Terminal

Programming Language

Java

Related Categories

Java Security Software, Java Source Code Analysis Tool

Registered

2014-01-12

Similar Business Software

Trusted Knight Protector Web

Protector Air is focused on protecting individual sessions and the transactions within those sessions. Protector Web further protects the web server with enterprise-grade web application security and DDoS protection. Protector Web eliminates website and application vulnerabilities such as...

See Software
PHP Secure

PHP Secure is a FREE code scanner that analyzes your PHP code for critical security vulnerabilities. Free online scanner: - Quickly and qualitatively finds web app vulnerabilities - Gives explicit reports and recommendations to fix vulnerabilities - Easy to use and requires no...

See Software
Vega

Vega can help you find and validate SQL Injection, cross-site scripting, inadvertently disclosed sensitive information, and other vulnerabilities. It is written in Java, GUI based, and runs on Linux, OS X, and Windows. Vega can help you find vulnerabilities such as: reflected cross-site...

See Software