Hawk Enterprises
http://www.hawkenterprises.org

Demo
PHP Penetration Test is a program for performing simple form based security tests. Securing the internet is upon to developers to create proper forms and applications. This is a tool for testing individual fields and values from various attacks. How to use this program:

* Grab url of address you wish to test, the action url.
* Click Tamper Post, 10 fields appear that are “post field name” : “post field value”
* If you wish to test a post field click XSS for cross-side scripting or hit for SQL Injection tests
* Then hit Run, it will tell you if it has exploits or if doesn’t have a tested exploit.

How to protect against XSS attacks

* Clean all text displayed from user inputs with filter (ex. preg_replace(’[a-z0-9]‘,$str);)

How to protect against SQL Injections

* Clean all inputs
* Also escape text with mysql_escape_string()

How to protect against Auth Attacks How to protect against Directory Access Attacks How to protect against CRLF attacks
Download PHP Penetration Tests (Requires Login)