Hi,
Not a web application security scanner, but on a related note, I am
currently experimenting with using static analysis to detect flaws in
MediaWiki extensions -
https://github.com/wikimedia/Phan-Taint-Check-Plugin . It is still
rather experimental (And has some annoying dependency requirements
that I need to fix), but perhaps it would be helpful to you.
I'd be very interested in hearing about any successes you have with
security scanning tools.
--
Brian
On Tue, Feb 13, 2018 at 1:56 PM, Evans, Richard K. (GRC-H000)
<richard.k.evans(a)nasa.gov> wrote:
As I am advocating for increased adoption of Mediawiki
in my organization, they have asked me if there are any pre-existing Web Application
Security Scanners for Mediawiki. They mentioned "Netsparker" as an example of a
web application security scanning tool that they use already and asked me if I knew if it
was adequate for Mediawiki.. I did not know. So I thought I'd ask here if the
Mediawiki Dev. community has any recommendations for web application security scanning
tools that are known to work well for Mediawiki sites.
Does anyone run a Mediawiki site that is audited a Web Application Security Scanner tool?
If so, I'd love to hear from you.
Thanks,
-Rich
_______________________________________________
MediaWiki-l mailing list
To unsubscribe, go to:
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l