Source code review is often included as a phase of penetration testing engagements to identify the damage an insider armed with code could cause. The security researcher tries to think like a malicious insider and identify code weaknesses that can be used to launch an attack. Learning the required mindset and skills takes dedication and patience.
That's why I decided, in the course of pursuing OSWE certification, to create a short guide for new security researchers on how to look for certain PHP vulnerabilities. That sounds simple enough, right?
Well, my modest proposal turned into a 90+-page guide, Finding and Exploiting Bugs in PHP Source Code, that Anvil is releasing today. It covers SQL injection, PHP type juggling, and client-side vulnerabilities, and is filled with screenshots and code snippets. The guide demonstrates how to prepare for a source code review, discover vulnerabilities, and exploit those vulnerabilities. And along the way, it provides insight into the attacker mindset.
The guide can be viewed here: Finding and Exploiting Bugs in PHP Source Code
About the Author
Patrick Smith is a Security Engineer at Anvil. He specializes in application penetration testing, particularly in cloud environments. He has a passion for learning; he regularly spends time looking for new ways to approach security problems. Prior to joining Anvil, Patrick studied Computer Science at the University of West Florida and co-founded a cybersecurity startup.
This is Patrick's most ambitious writing project to date. If you are interested in joining a team that encourages all team members to pursue research and learning opportunities, provides support for content development, and publishes results on the company platform, check out Anvil's Careers page.