Web Application Protection download

WAP automatic detects and corrects input validation vulnerabilities in web applications written in PHP Language (version 4.0 or higher) and with a low rate of false positives.

WAP detects the following vulnerabilities:
- SQL injection using MySQL, PostgreSQL and DB2 DBMS
- Reflected cross-site scripting (XSS)
- Stored XSS
- Remote file inclusion
- Local file inclusion
- Directory traversal
- Source code disclosure
- OS command injection
- PHP code injection

WAP is a static analysis tool that performs taint analysis to detect vulnerabilities, tracking malicious users inputs and checking if they reach calls of sensitive functions. It has a low rate of false positives because has implemented a data mining module to predict false positives when detects vulnerabilities.

The output of the tool is:
- shows the vulnerabilities found and how they are corrected
- new files with the corrections

Features

Vulnerabilities
Web application
Automatic correction
PHP

Project Samples

Project Activity

See All Activity >

License

GNU General Public License version 3.0 (GPLv3)

Follow Web Application Protection

Web Application Protection Web Site

Other Useful Business Software

Train ML Models With SQL You Already Know

BigQuery automates data prep, analysis, and predictions with built-in AI assistance.

Build and deploy ML models using familiar SQL. Automate data prep with built-in Gemini. Query 1 TB and store 10 GB free monthly.

Try Free

Rate This Project

User Ratings

5.0 out of 5 stars

★★★★★

★★★★

★★★

★★

★

ease 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

features 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

design 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

support 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 0 / 5

User Reviews

Filter Reviews:

All

aaditya1234 Posted 2017-06-20

Seemed nice for basic analysis.
iberiam Posted 2014-12-09

Many articles are talking about WAP!! Read news in the WAP web site to access to the articles.

Additional Project Details

Operating Systems

Linux, Mac, Windows

Intended Audience

Developers, Security Professionals, Testers

User Interface

Console/Terminal

Programming Language

Java

Related Categories

Java Security Software, Java Source Code Analysis Tool

Registered

2014-01-12

Similar Business Software

Google Cloud SQL

Fully managed relational database service for MySQL, PostgreSQL, and SQL Server with rich extension collections, configuration flags, and developer ecosystems. New customers get $300 in free credits to spend on Cloud SQL. You won’t be charged until you upgrade. Reduce maintenance costs with...

See Software
DbVisualizer

DbVisualizer is a universal database client for developers, DBAs, analysts, and data engineers working with relational and NoSQL databases. It provides a graphical interface for database development, SQL querying, data exploration, and database admin. The tool includes a powerful SQL editor...

See Software
Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
ZeroPath

ZeroPath (YC S24) is an AI-native application security platform that delivers comprehensive code protection beyond traditional SAST. Founded by security engineers from Tesla and Google, ZeroPath combines large language models with advanced program analysis to find and automatically fix...

See Software
ManageEngine Endpoint Central

ManageEngine Endpoint Central is built to secure the digital workplace while also giving IT teams complete control over their enterprise endpoints. It delivers a security-first approach by combining advanced endpoint protection with comprehensive management, allowing IT teams to manage the...

See Software
Curtain LogTrace File Activity Monitoring

Curtain LogTrace File Activity Monitoring is an enterprise file activity monitoring solution. It tracks user actions: create, copy, move, delete, rename, print, open, close, save. Includes source/destination paths and disk type. Perfect for monitoring user file activities. Key features: -...

See Software