WAP automatic detects and corrects input validation vulnerabilities in web applications written in PHP Language (version 4.0 or higher) and with a low rate of false positives.

WAP detects the following vulnerabilities:
- SQL injection using MySQL, PostgreSQL and DB2 DBMS
- Reflected cross-site scripting (XSS)
- Stored XSS
- Remote file inclusion
- Local file inclusion
- Directory traversal
- Source code disclosure
- OS command injection
- PHP code injection

WAP is a static analysis tool that performs taint analysis to detect vulnerabilities, tracking malicious users inputs and checking if they reach calls of sensitive functions. It has a low rate of false positives because has implemented a data mining module to predict false positives when detects vulnerabilities.

The output of the tool is:
- shows the vulnerabilities found and how they are corrected
- new files with the corrections

Features

  • Vulnerabilities
  • Web application
  • Automatic correction
  • PHP

Project Samples

Project Activity

See All Activity >

License

GNU General Public License version 3.0 (GPLv3)

Follow Web Application Protection

Web Application Protection Web Site

Other Useful Business Software
$300 Free Credits for Your Google Cloud Projects Icon
$300 Free Credits for Your Google Cloud Projects

Start building on Google Cloud with $300 in free credits. No commitment, no credit card required until you're ready to scale.

Launch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
Start Free Trial
Rate This Project
Login To Rate This Project

User Ratings

★★★★★
★★★★
★★★
★★
2
0
0
0
0
ease 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5
features 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5
design 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5
support 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

User Reviews

  • Seemed nice for basic analysis.
  • Many articles are talking about WAP!! Read news in the WAP web site to access to the articles.
Read more reviews >

Additional Project Details

Operating Systems

Linux, Mac, Windows

Intended Audience

Developers, Security Professionals, Testers

User Interface

Console/Terminal

Programming Language

Java

Related Categories

Java Security Software, Java Source Code Analysis Tool

Registered

2014-01-12