Ed Finkler of the PHP Security Consortium has launched a new project to help developers and system administrators audit PHP environments. PHPSecInfo provides a simple-to-use security audit system for the PHP environment, with a look and feel similar to that of the phpinfo() function.
PHPSecInfo currently has a suite of 16 tests. Interested PHP developers are encouraged to propose and write new tests for consideration as well as help refine the existing test suite. You can find contact information for Ed Finkler and any member of the PHP Security Consortium online at:
Downloads, documentation, and more information are available at:
Development of PHPSecInfo is being sponsored in part by CERIAS at Purdue University.