Detects Adobe Flash flaws with SWFScan

Posted: March 24th, 2009 | Author: | Filed under: My Self | Tags: , , , | No Comments »

HP SWFScan, a free tool developed by HP Web Security Research Group, will automatically find security vulnerabilities in applications built on the Flash platform.

HP is offering SWFScan because:

  • HP’s research shows that developers is increasingly implementing applications built on the Adobe Flash platform without the required security expertise.
  • As a result, HP is seeing a proliferation of insecure applications being deployed on the web.
  • A vulnerable application built on the Flash platform widens your website’s attack surface creating more opportunity for malicious hackers.

How SWFScan works and what vulnerabilities it finds:

  • Decompiles applications built on the Adobe Flash platform to extract the ActionScript code and statically analyzes it to identify security issues such as information disclosure.
  • Identifies and reports insecure programming and deployment practices and suggests solutions.
  • Enables you to audit third party applications without requiring access to the source code.

Dowload this free tool to help your team find Flash vulnerabilities in your web applications.