WEB code Auditing

Source: Internet
Author: User

/* Xuanmu */Houjie

I think this is not purely a technical issue, because there are too many things to consider outside the technology itself, including code structure, naming conventions, and the rigor of syntax usage, especially in a language as free-form as PHP.
Again, I feel that code auditing today is basically still at the stage of manual searching by a human. Do many people share the same feeling?
I have read many documents and listened to some introductory technical talks at conferences. In the end it all comes down to variables; that is what flow analysis is.
Provided the coding style is reasonably standardized, as long as the regular expressions are well written, no variable can escape.
Simple example:
File path: d:/testblog
Check this string: include_once("lang/" . $mylanguage . ".php");
New analysis is: include_once("lang/" . $mylanguage . ".php");
New analysis parameter is: "lang/" . $mylanguage . ".php"
NOTICE: Hey, is it you?
$explode_array[0] => "lang/"
$explode_array[1] => $mylanguage
$mylanguage is a variable!!!!!!!
Findstr is: $mylanguage
Result number 1
File path: D:\testblog\inc\backend\settings.php
Line 5 => $mylanguage = killedevil(strip_tags($_POST[language]));

Result number 2
File path: D:\testblog\inc\backend\settings.php
Line 6 => include_once("lang/" . $mylanguage . ".php");

Of course, special cases exist, so we need to generalize step by step: analyze the parameters of a function, hand them to different processing branches for stripping, conversion, splitting, extraction and tracking, then refactor and resubmit them to form a complete test item.
A tool you write yourself can handle some situations; others may be hard to handle. There will certainly be false positives, but the probability of a false positive is small.
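As an added illustration (not the author's tool, which is not published here), the following Python sketch performs the same steps the trace above walks through: find an include/require call, split its argument on the concatenation operator, pick out the variable, then locate the lines assigning it and report whether any of them read from a request superglobal. The sample PHP, the function names and the list of source superglobals are my assumptions.

```python
import re
# Constructed sample mirroring the settings.php trace in the post (not real project code).
SAMPLE_PHP = """<?php
$mylanguage = killedevil(strip_tags($_POST[language]));
include_once("lang/" . $mylanguage . ".php");
$theme = "default";
require_once("themes/" . $theme . "/init.php");
"""
# Order matters: the longer keyword must be tried before its prefix.
INCLUDE_RE = re.compile(r'\b(include_once|include|require_once|require)\s*\(?\s*(.*?)\s*\)?\s*;')
VAR_RE = re.compile(r'\$[A-Za-z_]\w*')
# Superglobals treated as untrusted sources when they appear in an assignment (assumed list).
SOURCES = ("$_GET", "$_POST", "$_REQUEST", "$_COOKIE", "$_SERVER", "$_FILES")

def split_concat(expr):
    """Split a PHP string expression on '.' outside quotes (the post's explode step; ignores escaped quotes)."""
    parts, buf, in_str, quote = [], "", False, ""
    for ch in expr:
        if in_str:
            buf += ch
            in_str = ch != quote
        elif ch in "\"'":
            in_str, quote, buf = True, ch, buf + ch
        elif ch == ".":
            parts.append(buf.strip())
            buf = ""
        else:
            buf += ch
    parts.append(buf.strip())
    return [p for p in parts if p]

def find_assignments(lines, var):
    """Return (line_no, code) for every line assigning to var (the post's findstr step)."""
    pat = re.compile(r'^\s*' + re.escape(var) + r'\s*=[^=]')
    return [(n, l.strip()) for n, l in enumerate(lines, 1) if pat.match(l)]

def audit_includes(php_source):
    """Flag include/require calls whose path is built from a variable and trace its origin."""
    lines = php_source.splitlines()
    findings = []
    for lineno, line in enumerate(lines, 1):
        m = INCLUDE_RE.search(line)
        if not m:
            continue
        for part in split_concat(m.group(2)):
            for var in VAR_RE.findall(part):
                assigns = find_assignments(lines, var)
                tainted = any(src in code for _, code in assigns for src in SOURCES)
                findings.append({"line": lineno, "func": m.group(1), "var": var,
                                 "assignments": assigns, "tainted": tainted})
    return findings
```

Running `audit_includes(SAMPLE_PHP)` flags line 3 because `$mylanguage` is assigned from `$_POST`, while the `$theme` include on line 5 is reported but not marked tainted.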
I have used some open-source web code audit tools. I didn't think they were particularly good, and their functions were almost all the same. Which tools have you found to be good? Thank you; the premise is that you must have used it yourself ~
I think that only by trying to write a satisfactory tool myself can I appreciate the subtleties ...... Of course, I dare not compare what I wrote with professional tools costing tens or hundreds of thousands. However, some friends must have used those very expensive professional tools; what is the effect? Everyone knows.
So let's take a look at it. It's a bit like Google's idea: first make a toy, then gradually improve it.

There were some funny moments in the process. For example, I told someone that my tool could help find out what problems their software has, and they replied that, in that case, my detection would be bypassed ......

Er ...... I once introduced the use of code obfuscation to protect core algorithms.
Here I just want to say one thing: what I write is not a virus, nor a profound defense mechanism. I really don't need anti-anything, big brother. I just want to help ......

Technology is one side of it; the other is how you promote your "code security" concept.

If you like code auditing, come and have a chat with me. I have many questions that haven't been solved yet, but I also have some ideas; what I want is more communication, more communication, and more communication.

Go to the Champions League first
