WAP – Web Application Protection – Tool to detect and correct vulnerabilities in PHP web applications

WAP 2.0 is a source code static analysis and data mining tool to detect and correct input validation vulnerabilities in web applications written in PHP (version 4.0 or higher) with a low rate of false positives.

WAP detects and corrects the following vulnerabilities:

SQL Injection (SQLI)
Cross-site scripting (XSS)
Remote File Inclusion (RFI)
Local File Inclusion (LFI)
Directory Traversal or Path Traversal (DT/PT)
Source Code Disclosure (SCD)
OS Command Injection (OSCI)
PHP Code Injection

This tool semantically analysis the source code. More precisely, it does taint analysis (data-flow analysis) to detect the input validation vulnerabilities. The aim of the taint analysis is to track malicious inputs inserted by entry points ($_GET, $_POST arrays) and to verify if they reaches some sensitive sink (PHP functions that can be exploited by malicious input). After the detection, the tool uses data mining to confirm if the vulnerabilities are real or false positives. At the end, the real vulnerabilities are corrected with the insertion of the fixes (small pieces of code) in the source code.