RIPS: A Static Code Analysis Tool
RIPS is a static source code analyzer, that is, a static code analysis tool that automatically detects vulnerabilities in PHP web applications.
Its initial version was written in PHP and was released as open-source software during the Month of PHP Security in May 2010.
A newer version, rewritten in PHP, is available as a cloud service and as a standalone product that overcomes the fundamental limitations of the open-source version.
Detection of the following vulnerability types is supported:
- Code Execution
- Command Execution
- Connection String Injection
- Cross-Site Scripting
- HTTP Response Splitting
- File Disclosure
- File Inclusion
- File Manipulation
- LDAP Injection
- PHP Object Injection
- SQL Injection
- XPath Injection
RIPS is controlled through a web interface. It allows scans of local directories to be started for particular vulnerability types, or regular-expression searches to be run. Identified vulnerabilities are presented in the web interface with a small set of affected code lines and a summary of the vulnerability.
For each vulnerability, an integrated code viewer can be opened to highlight the affected lines in the original source code. A help section is also available to explain the vulnerability, and exploits can be created automatically. The interface also provides lists of scanned PHP files, user-defined functions, and detected sources.
License: GNU General Public License version 3.0 (GPLv3)
Features:
- It can detect XSS, SQLi, File disclosure, LFI/RFI, RCE vulnerabilities and more
- 5 verbosity levels for debugging your scan results
- It marks vulnerable lines in source code viewer
- It can highlight variables in the code viewer
- It shows the code of a user-defined function on mouse-over of a detected call
- It supports jumping between function declarations and calls
- It prepares list of all user-defined functions (defines and calls), program entry points (user input) and scanned files (with includes) connected to the source code viewer
- Graph visualization for files and includes as well as functions and calls
- It can create cURL exploits for detected vulnerabilities with a few clicks
- Visualization, description, example, PoC, patch and securing function list for every vulnerability
- 7 different syntax highlighting color schemata
- It can display scan results as a top-down flow or a bottom-up trace
- The only requirement is a local web server with PHP and a browser (tested with Firefox)
- It has regex search function
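The descriptions above (the code viewer that highlights the affected lines, the list of program entry points, and the per-vulnerability list of securing functions) all rest on the same idea: track user input from an entry point ("source") through variable assignments to a sensitive function ("sink"), and drop the taint when it passes through a securing function for that sink class. To make that concrete, here is a toy taint analyzer added as an example; it is not RIPS code and does not reproduce how RIPS works internally. It models only straight-line PHP, one statement per line, with no control flow, and the source, sink and sanitizer tables and the sample PHP are constructed for this example.

```python
"""Toy source-to-sink taint analysis over straight-line PHP.
Added example, not RIPS code: assumes one statement per line, no control flow."""
import re
from typing import Dict, List, Optional, Set, Tuple

# Taint record: (line numbers the value flowed through,
#                vulnerability classes it has already been sanitized for)
Taint = Tuple[List[int], Set[str]]
# Finding: (sink line, vulnerability class, sink name, trace of lines source -> sink)
Finding = Tuple[int, str, str, List[int]]

# Entry points: superglobals carrying user input (constructed, partial list)
SOURCES = ("$_GET", "$_POST", "$_COOKIE", "$_REQUEST")

# Sensitive sinks and the vulnerability class a tainted argument would indicate
SINKS = {
    "mysql_query": "SQL Injection", "mysqli_query": "SQL Injection",
    "echo": "Cross-Site Scripting", "print": "Cross-Site Scripting",
    "include": "File Inclusion", "require": "File Inclusion",
    "system": "Command Execution", "exec": "Command Execution",
    "eval": "Code Execution", "unserialize": "PHP Object Injection",
    "readfile": "File Disclosure",
}

# Securing functions: None means the result is safe for every sink class,
# otherwise the taint is neutralized for that one class only.
SANITIZERS = {
    "intval": None,
    "htmlspecialchars": "Cross-Site Scripting",
    "mysqli_real_escape_string": "SQL Injection",
    "escapeshellarg": "Command Execution",
}

CALL = re.compile(r"(\w+)\(([^()]*)\)")  # innermost call: name(args)


def _merge(expr: str, env: Dict[str, Taint],
           ph: Dict[str, Optional[Taint]]) -> Optional[Taint]:
    """Taint of a call-free expression: traces are concatenated, and a class
    counts as sanitized only if every tainted operand was sanitized for it."""
    records: List[Taint] = [([], set()) for src in SOURCES if src in expr]
    records += [env[v] for v in re.findall(r"\$(\w+)", expr) if v in env]
    records += [rec for tok, rec in ph.items() if tok in expr and rec is not None]
    if not records:
        return None
    trace = [ln for rec in records for ln in rec[0]]
    sanitized = set.intersection(*(rec[1] for rec in records))
    return trace, sanitized


def _expr_taint(expr: str, lineno: int, env: Dict[str, Taint],
                findings: List[Finding]) -> Optional[Taint]:
    """Reduce calls innermost-first to placeholder tokens, applying sanitizer
    semantics and recording a finding whenever tainted data reaches a sink."""
    ph: Dict[str, Optional[Taint]] = {}
    while True:
        m = CALL.search(expr)
        if not m:
            break
        fn, args = m.group(1), m.group(2)
        rec = _merge(args, env, ph)
        if rec is not None and fn in SINKS and SINKS[fn] not in rec[1]:
            findings.append((lineno, SINKS[fn], fn, rec[0] + [lineno]))
        if rec is not None and fn in SANITIZERS:
            cls = SANITIZERS[fn]
            rec = None if cls is None else (rec[0], rec[1] | {cls})
        token = f"@ph{len(ph)}@"  # token stands in for the call's return value
        ph[token] = rec
        expr = expr[:m.start()] + token + expr[m.end():]
    return _merge(expr, env, ph)


def scan(php: str) -> List[Finding]:
    """Scan PHP text line by line; returns findings in source order."""
    env: Dict[str, Taint] = {}
    findings: List[Finding] = []
    for lineno, line in enumerate(php.splitlines(), start=1):
        line = line.strip()
        m = re.match(r"^\$(\w+)\s*=\s*(.*);$", line)
        if m:  # assignment: propagate (or clear) taint on the target variable
            rec = _expr_taint(m.group(2), lineno, env, findings)
            if rec is None:
                env.pop(m.group(1), None)
            else:
                env[m.group(1)] = (rec[0] + [lineno], rec[1])
            continue
        m = re.match(r"^(echo|print|include|require)\s+(.*);$", line)
        if m:  # language constructs written without parentheses
            line = f"{m.group(1)}({m.group(2)});"
        m = re.match(r"^(.*);$", line)
        if m:
            _expr_taint(m.group(1), lineno, env, findings)
    return findings


# Constructed sample input, not code from any real application
SAMPLE_PHP = """<?php
$id = $_GET['id'];
$safe_id = intval($_GET['id']);
$name = $_POST['name'];
$query = "SELECT * FROM users WHERE id = " . $id;
mysql_query($query);
mysql_query("SELECT * FROM users WHERE id = " . $safe_id);
echo "Hello " . $name;
echo "Hello " . htmlspecialchars($name);
$esc = mysqli_real_escape_string($conn, $name);
mysql_query("SELECT * FROM users WHERE name = '" . $esc . "'");
system("ping " . $esc);
include $_GET['page'] . ".php";"""

if __name__ == "__main__":
    for line, cls, sink, trace in scan(SAMPLE_PHP):
        print(f"line {line}: {cls} via {sink}(), trace {' -> '.join(map(str, trace))}")
```

Running the block on the sample reports four findings: the unescaped `$id` reaching `mysql_query` on line 6, the raw `$name` echoed on line 8, `$esc` reaching `system` on line 12, and the `$_GET` value included on line 13. The line-12 case is the one worth noticing: `mysqli_real_escape_string` neutralizes the SQL injection class only, so the same value is still reported when it reaches a command-execution sink, which is why a per-vulnerability securing-function list matters. The trace attached to each finding is the list of lines a code viewer would highlight.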