Web Application Protection Icon

Web Application Protection


Tool to detect and correct vulnerabilities in PHP web applications

Add a Review
5 Downloads (This Week)
Last Update:
Download wap-2.0.win.zip
Browse All Files
Windows Mac Linux



WAP automatic detects and corrects input validation vulnerabilities in web applications written in PHP Language (version 4.0 or higher) and with a low rate of false positives.

WAP detects the following vulnerabilities:
- SQL injection using MySQL, PostgreSQL and DB2 DBMS
- Reflected cross-site scripting (XSS)
- Stored XSS
- Remote file inclusion
- Local file inclusion
- Directory traversal
- Source code disclosure
- OS command injection
- PHP code injection

WAP is a static analysis tool that performs taint analysis to detect vulnerabilities, tracking malicious users inputs and checking if they reach calls of sensitive functions. It has a low rate of false positives because has implemented a data mining module to predict false positives when detects vulnerabilities.

The output of the tool is:
- shows the vulnerabilities found and how they are corrected
- new files with the corrections

Web Application Protection Web Site


  • Vulnerabilities
  • Web application
  • Automatic correction
  • PHP

Update Notifications

Write a Review

User Reviews

Be the first to post a review of Web Application Protection!

Additional Project Details

Intended Audience

Developers, Security Professionals, Testers

User Interface


Programming Language



Screenshots can attract more users to your project.
Features can attract more users to your project.

Icons must be PNG, GIF, or JPEG and less than 1 MiB in size. They will be displayed as 48x48 images.