Newsgroups: php.internals
Message-ID: <46CC71A4.4030303@coresecurity.com>
In-Reply-To: <46CC63C6.3040108@coresecurity.com>
Date: Wed, 22 Aug 2007 14:25:56 -0300
Organization: Core Security Technologies
To: PHP Internals
Subject: Re: [PHP-DEV] Announcement: Releasing CORE GRASP for PHP. An open source, dynamic web application protection system.
From: egutesman@coresecurity.com (Ezequiel Gutesman)

The correct URL is http://grasp.coresecurity.com

Ezequiel Gutesman wrote:
> CORE GRASP for PHP is a web-application protection software aimed at
> detecting and blocking injection vulnerabilities and privacy violations.
> As mentioned during its presentation at Black Hat USA 2007, GRASP is
> being released as open source under the Apache 2.0 license and can be
> obtained from http://gasp.coresecurity.com/.
>
> The present implementation protects PHP 5.2.3 against SQL-injection
> attacks for the MySQL engine, it can be installed with almost the same
> effort as the PHP engine, both in Unix and Windows systems, and
> protection is immediate with any PHP web application running in the
> protected server.
>
> CORE GRASP works by enhancing the PHP execution engine (VM) to permit
> byte-level taint tracking and analysis for all the user-controlled or
> otherwise untrustable variables of the web application. Tainted bytes
> are then tracked and their taint marks propagated throughout the web
> application's runtime. Whenever the web application tries to interact
> with a DB backend using SQL statements that contain tainted bytes,
> GRASP analyzes the statement and detects and prevents attacks or abnormal
> actions.
>
> CORE GRASP was developed by CoreLabs, the research unit of Core Security
> Technologies. At CoreLabs, we plan to improve the tool and include new
> protections shortly. However, the invitation to collaborate with the
> project is open. If you would like to collaborate, please go to the
> GRASP website and subscribe to our mailing list.
>
> Project home: http://grasp.coresecurity.com/
> Documentation, presentation and papers:
> http://grasp.coresecurity.com/index.php?m=doc
> Download: http://grasp.coresecurity.com/index.php?m=dld
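
A minimal model of the per-byte taint propagation and query check described in the announcement above, as an added example; it is not GRASP's code and not part of the original message. The names `TStr` and `violations`, the small lexer, and the policy that tainted characters may appear only inside string or numeric literals are assumptions made for illustration.

```python
import re

class TStr:
    """Text plus one taint flag per character (a model of byte-level taint marks)."""
    def __init__(self, text, tainted=False, marks=None):
        self.text = text
        self.marks = list(marks) if marks is not None else [tainted] * len(text)

    def __add__(self, other):
        # Concatenation propagates each operand's marks; plain str is trusted.
        other = other if isinstance(other, TStr) else TStr(other)
        return TStr(self.text + other.text, marks=self.marks + other.marks)

    def __radd__(self, other):
        return TStr(other) + self

# Deliberately small MySQL-like lexer: quoted strings (with \x and '' escapes),
# numbers, words, whitespace, and any other single character.
TOKEN = re.compile(r"""
    (?P<string>'(?:[^'\\]|\\.|'')*')
  | (?P<number>\d+(?:\.\d+)?)
  | (?P<word>[A-Za-z_][A-Za-z0-9_]*)
  | (?P<space>\s+)
  | (?P<other>.)
""", re.VERBOSE | re.DOTALL)

def violations(query):
    """Return the tokens in which tainted characters act as SQL syntax."""
    bad = []
    for m in TOKEN.finditer(query.text):
        kind, marks = m.lastgroup, query.marks[m.start():m.end()]
        if not any(marks) or kind in ("number", "space"):
            continue
        # Tainted data inside a literal is fine if both quotes are trusted.
        if kind == "string" and not (marks[0] or marks[-1]):
            continue
        bad.append(m.group())
    return bad

if __name__ == "__main__":
    # Constructed sample inputs, marked as user-controlled.
    for user_input in ("alice", "x' OR '1'='1"):
        q = "SELECT * FROM users WHERE name = '" + TStr(user_input, tainted=True) + "'"
        print(q.text, "->", violations(q) or "allowed")
```

Because the marks travel with each character through concatenation, the check can tell a quote typed by the application from one supplied by the user, which a check on the final query text alone cannot do.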