Interesting thing found at OSCON: Taint

I attended a session this morning called "PHP Taint Tool: It Ain’t a Parser" by Luke Welling. Luke introduced a tool he’s working on at OmniTI that is designed to assist in sniffing out where the potential for untrusted input is handled. From the session description: … You want to see where untrusted input can…

1