From Wikipedia, the free encyclopedia

RIPS (Research and Innovation to Promote Security) is static code analysis software designed for automated detection of security vulnerabilities in PHP and Java applications. The initial tool was written by Johannes Dahse and released during the Month of PHP Security[1] in May 2010 as open-source software.[2] The open-source version is released under the GNU Lesser General Public License and was maintained until 2013.

In 2016, RIPS Technologies, a company based in Bochum, Germany, released a rewritten version of RIPS.[3] The closed-source RIPS product was focused on industrial customers. Its analysis techniques were awarded, amongst others, the Internet Defense Prize[4] by Facebook.

In 2020, RIPS Technologies was acquired by SonarSource.[5] The RIPS tool is no longer available as a stand-alone product.

Open-Source Version (PHP)

The open-source version tokenizes PHP code (lexical analysis) based on PHP's tokenizer extension and performs semantic analysis to build a program model. Based on previously analyzed variable assignments, it performs backwards-directed inter-procedural taint analysis of sensitive sinks. This version of RIPS had the ability to scan PHP applications very fast for PHP-specific vulnerabilities. It supports the detection of 15 different vulnerability types, including Cross-Site Scripting, SQL Injection, Local File Inclusion, and others. Detected vulnerabilities are presented in a web interface with the minimum set of affected code lines as well as a vulnerability summary. For each vulnerability, an integrated code viewer can be opened to highlight the affected code lines in the original source code, which makes remediation easier. Furthermore, aid is offered to understand the vulnerability, and exploits can be generated automatically. The interface also offers a list of scanned PHP files, user-defined functions, and detected sources. The latest stable release version is 0.55, from 2017.[6]
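The backwards-directed taint analysis described above, as an added sketch that is not RIPS code: it starts at each sink and follows variable assignments upward until it reaches user input or a sanitizer. Assumptions: line-based regex matching stands in for PHP's tokenizer, the input is straight-line code without user-defined functions, and the source, sink and sanitizer lists are short illustrative ones.

```python
import re

# Constructed PHP input for the demo (not taken from RIPS or the article).
PHP_SAMPLE = """<?php
$id = $_GET['id'];
$name = $_POST['name'];
$safe = htmlspecialchars($name);
$q = "SELECT * FROM users WHERE id = " . $id;
mysql_query($q);
echo $safe;
echo $name;
"""

SOURCES = {"$_GET", "$_POST", "$_COOKIE", "$_REQUEST"}
# sink -> (vulnerability type, functions that neutralise it); short assumed lists
SINKS = {
    "echo": ("Cross-Site Scripting", {"htmlspecialchars", "htmlentities"}),
    "mysql_query": ("SQL Injection", {"mysql_real_escape_string", "intval"}),
}
VAR = re.compile(r"\$\w+")
ASSIGN = re.compile(r"^\s*(\$\w+)\s*=\s*(.+);\s*$")
SINK = re.compile(r"^\s*(%s)\b\s*\(?(.+?)\)?;\s*$" % "|".join(SINKS))

def trace(expr, lineno, lines, sanitizers):
    """Walk backwards from expr; return the path from a source, or None."""
    # Drop sub-expressions wrapped in a sanitizer that fits this sink.
    expr = re.sub(r"\b(?:%s)\s*\([^()]*\)" % "|".join(sanitizers), "", expr)
    for var in VAR.findall(expr):
        if var in SOURCES:
            return [(lineno, var)]
        # Find the most recent assignment to var above the current line.
        for n in range(lineno - 1, 0, -1):
            if (m := ASSIGN.match(lines[n - 1])) and m.group(1) == var:
                path = trace(m.group(2), n, lines, sanitizers)
                if path:
                    return path + [(lineno, var)]
                break
    return None

def scan(php):
    """Start at every sink and report those reachable from user input."""
    lines, findings = php.splitlines(), []
    for n, line in enumerate(lines, 1):
        if m := SINK.match(line):
            vuln, sanitizers = SINKS[m.group(1)]
            path = trace(m.group(2), n, lines, sanitizers)
            if path:
                findings.append((n, vuln, path))
    return findings
```

On the sample, `scan(PHP_SAMPLE)` reports the `mysql_query` call and the unescaped `echo $name`, each with the chain of lines leading back to the source, while `echo $safe` is not reported because `htmlspecialchars` fits that sink.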

Commercial Version (Java, PHP, Node.js)

The commercial version supported analysis of PHP and Java code. In order to identify security vulnerabilities that are based on second-order data flows or misplaced security mechanisms, it used abstract syntax trees, control-flow graphs, and context-sensitive taint analysis.[7] It could automatically detect 200 different vulnerability types, code quality issues and misconfiguration weaknesses. The commercial version supported all versions of Java (up to 11), PHP (up to 7) and Node.js, as well as industry standards such as OWASP Top 10, ASVS, CWE, SANS 25, and PCI-DSS. RIPS was available as on-premises software and as Software-as-a-Service.

References

  1. ^ "MOPS Submission 09: RIPS – A static source code analyser for vulnerabilities in PHP scripts « the Month of PHP Security". Php-security.org. 2010-05-24. Retrieved 2016-08-10.
  2. ^ "RIPS open-source download". SourceForge.net. Retrieved 2016-08-10.
  3. ^ "RIPS - The Technology Leader in Static Application Security Testing". ripstech.com. 2019-05-07. Retrieved 2019-05-07.
  4. ^ "Internet Defense Prize". internetdefenseprize.org. Retrieved 2017-03-19.
  5. ^ "SonarSource's announcement of acquisition".
  6. ^ "RIPS - PHP Security Analysis - Browse Files at SourceForge.net". sourceforge.net. Retrieved 2024-05-05.
  7. ^ "RIPS - Our Static Application Security Testing Approach". ripstech.com. Retrieved 2019-05-07.
This page was last edited on 15 May 2024, at 07:35
Basis of this page is in Wikipedia. Text is available under the CC BY-SA 3.0 Unported License. Non-text media are available under their specified licenses. Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc. WIKI 2 is an independent company and has no affiliation with Wikimedia Foundation.