  • Detect and fix security vulnerabilities on the server side within seconds.

    (See a larger, better-quality version at https://chorizo-scanner.com/flash_morcilla ) This video shows you how Morcilla, our brand new PHP extension, lets Chorizo! have a look inside your application on the server. We are able to hook into every PHP function and trace the payloads sent by Chorizo!. By default, Morcilla hooks into the whole MySQL function…

  • New Help Center for Chorizo!

    Go and check out Chorizo!’s new Help Center. We extended the existing tutorials and provide a smooth overview of the current documentation. It also includes an overview of all the scanner plugins Chorizo! uses and explains briefly what each plugin does. For example, if we detect SQL injection vulnerabilities in your PHP/MySQL based application,…

  • Make the download of large files with PHP (and lighty) very easy

    As you may know, our friend Jan Kneschke is the creator of lighttpd (called „lighty“), a superb OpenSource web server designed for speed and ease of use, for which we exclusively provide consulting and implementation services. Some days ago I stumbled upon an old entry by Jan on lighty’s life, called „X-Sendfile“. There he explains how to speed…

  • The proxy mode of Chorizo – and a sneak peek at Morcilla, Chorizo’s little sister.

    Web applications nowadays use AJAX features to provide a very comfortable interface to their users. XmlHttpRequest is the technique used to pull data from the server in the background. Have you ever asked yourself how to track down security issues in your XmlHttpRequests without losing too much time? Well, Chorizo gives you the…

  • To be one step ahead with AppArmor in your web server’s environment

    Our first experiences with Novell’s AppArmor. Imagine you plan to offer an application service hosted on a common LINUX box. That is not very difficult at all: you choose your favourite distribution, install and configure some servers (e.g. web and database servers) and finally add your web-based application…

  • Practical Testing of PHP Applications with Selenium

    Testing software while development is ongoing seems to be a boring job full of recurring tasks. You might end up entering the same test data, most of the time not really context-relevant, like „foo“ or „bar“, into the same web forms and get the feeling of doing work that is not…

  • lighttpd’s mod_cml will change

    You may have read Jo’s blog entry „Methods to reduce the load of your webserver by caching content: using lighttpd, MySQL UDF, LUA and speed everything up“. He explained there how to use lighttpd and its mod_cml together with MySQL to provide a caching system directly at the web server, and not at the PHP level…

  • Handling large files with(out) PHP

    Just as one man was quoted saying "640K of memory should be enough for anybody", surely no one will ever need to access more than 2 GB of data. What happens if you – just for scientific reasons, of course – try to access larger files using your 32-bit hardware and your favourite programming language, PHP? For a first test…

  • Stacking up the free accounts: recursive scans

    Chorizo’s standard account already contains recursive scans from the current URL. This means that Chorizo! is able to follow URLs from forms etc. automatically, up to a recursion depth that you can set. From now on, the free accounts also benefit from this feature, which makes it very handy to scan sites more deeply…
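One way to put two of the posts above together, the X-Sendfile hand-off from „Make the download of large files with PHP (and lighty) very easy“ and the 2 GB limit from „Handling large files with(out) PHP“, as an added example that is not code from either post or from the lighttpd project. It assumes a hypothetical download directory /srv/downloads, that the fastcgi.server entry for PHP has X-Sendfile enabled ("allow-x-send-file" => "enable" in lighttpd 1.4.x of that era, "x-sendfile" => "enable" in 1.4.40 and later), and that lighttpd takes both the response body and its Content-Length from the file on disk. The part a practitioner should not skip is the path check: with X-Sendfile, the web server sends whatever path PHP names, so a traversal bug turns into disclosure of every file lighttpd can read.

```php
<?php
// Added example, not code from the original posts: serve a large download
// through lighttpd's X-Sendfile instead of streaming it from PHP.
//
// Assumptions (not taken from the page):
//  - downloads live below the hypothetical directory /srv/downloads;
//  - lighttpd's fastcgi.server entry for PHP has
//      "allow-x-send-file" => "enable"   (lighttpd 1.4.x of that era)
//    or "x-sendfile" => "enable"         (lighttpd >= 1.4.40);
//  - lighttpd derives Content-Length from the file itself.

// Returns the real path of $name below $base, or null if the request must be
// refused. With X-Sendfile the web server sends *any* path PHP names, so this
// check is what stands between "download a report" and "read /etc/shadow".
function safe_download_path($base, $name)
{
    // Only plain file names: no directory separators, no "..", no leading dot.
    if (!preg_match('/^[A-Za-z0-9][A-Za-z0-9._-]{0,127}$/', $name)) {
        return null;
    }
    $root = realpath($base);
    if ($root === false) {
        return null;
    }
    $path = realpath($root . DIRECTORY_SEPARATOR . $name);
    // realpath() follows symlinks, so re-check that the resolved target is
    // still inside the download directory and is a regular file; a symlink
    // planted in /srv/downloads must not be able to point the server elsewhere.
    if ($path === false
        || strpos($path, $root . DIRECTORY_SEPARATOR) !== 0
        || !is_file($path)) {
        return null;
    }
    return $path;
}

$name = isset($_GET['file']) ? $_GET['file'] : '';
$path = safe_download_path('/srv/downloads', $name);
if ($path === null) {
    header('HTTP/1.1 404 Not Found');
    exit;
}

header('Content-Type: application/octet-stream');
// $name passed the regex above, so it cannot contain quotes or CR/LF here.
header('Content-Disposition: attachment; filename="' . $name . '"');
// Deliberately no Content-Length and no readfile(): lighttpd replaces the
// (empty) PHP response body with the file and takes the length from the file
// itself. That keeps memory_limit, max_execution_time and a 32-bit filesize()
// that wraps past 2 GB all out of the picture.
header('X-Sendfile: ' . $path);
```

Note that the header must carry an absolute path that lighttpd can open with its own privileges, so the download directory has to be readable by the lighttpd user, not only by the PHP process.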