Hi, Not a web application security scanner, but on a related note, I am currently experimenting with using static analysis to detect flaws in MediaWiki extensions - https://github.com/wikimedia/Phan-Taint-Check-Plugin . It is still rather experimental (And has some annoying dependency requirements that I need to fix), but perhaps it would be helpful to you.
I'd be very interested in hearing about any successes you have with security scanning tools. -- Brian On Tue, Feb 13, 2018 at 1:56 PM, Evans, Richard K. (GRC-H000) <[email protected]> wrote: > As I am advocating for increased adoption of Mediawiki in my organization, > they have asked me if there are any pre-existing Web Application Security > Scanners for Mediawiki. They mentioned "Netsparker" as an example of a web > application security scanning tool that they use already and asked me if I > knew if it was adequate for Mediawiki.. I did not know. So I thought I'd ask > here if the Mediawiki Dev. community has any recommendations for web > application security scanning tools that are known to work well for Mediawiki > sites. > > Does anyone run a Mediawiki site that is audited a Web Application Security > Scanner tool? If so, I'd love to hear from you. > > Thanks, > -Rich > > _______________________________________________ > MediaWiki-l mailing list > To unsubscribe, go to: > https://lists.wikimedia.org/mailman/listinfo/mediawiki-l _______________________________________________ MediaWiki-l mailing list To unsubscribe, go to: https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
