Have you ever asked yourself how to track down security issues in your XmlHttpRequests without losing too much time? Well, Chorizo gives you the answer: the proxy mode. By using Chorizo! in this (preferred) mode, you can assure that every request your application makes (whether it is a XmlHttpRequest call or a Flash client that pulls data from a PHP script in the background) will be tracked by Chorizo! and thus scanned for security flaws.
It might be interesting to note that the proxy itself was written in PHP :-) We measured it is able to make up to 100 scans/second. In order to secure your server for a DOS attack ;-), we implemented a heuristic that automatically reduces the number of parallel scans if the server doesn’t respond fast enough.
If you want to give it a try, here’s a sneak peak (screenshots!) about Morcilla, our upcoming server-side PHP extension which will only be available in the commercial accounts.