Description & Features:
WAP is a source code static analysis and data mining tool to detect and correct input validation vulnerabilities in web applications written in PHP (version 4.0 or higher) with a low rate of false positives.
WAP detects and corrects the following vulnerabilities:
This tool semantically analyses the source code. More precisely, it does taint analysis (data-flow analysis) to detect the input validation vulnerabilities. The aim of the taint analysis is to track malicious inputs inserted by entry points ($_GET, $_POST arrays) and to verify if they reach some sensitive sink (PHP functions that can be exploited by malicious input). After the detection, the tool uses data mining to confirm if the vulnerabilities are real or false positives. At the end, the real vulnerabilities are corrected with the insertion of the fixes (small pieces of code) in the source code.
WAP is written in Java language and is constituted by three modules:
We would like to thank the support by the EC through projects FP7-607109 (SEGRID) and FP7-257475 (MASSIF), and by the FCT through the LaSIGE Strategic Project (PEst-OE/EEI/UI0408/2014) and contract PEst-OE/EEI/LA0021/2013 (INESC-ID).