Related Product or JB Team
Vulnerability assessment is a big part of web development. Despite that, we don't have a lot of inspections for security issues and we don't support security testing tools. The goal of the project is to fill the gap and implement those tools. The first step is to analyse common web application vulnerabilities and existing tools to search for this problems. Then implement inspections in IDE for vulnerabilities which can be detected by static or dataflow analysis. Finally, implement a tool for an active security analysis, e.g. search for possible SQL injections. The tool can be either automatic or semi-automatic.
Security vulnerabilities analysis and implemented inspections will be a good result for the project.
Programming languages necessary for the project: Java
Knowledge / skills: The candidate should be able to search, aggregate and analyze information. He/she should be interested in searching for vulnerabilities and security problems. Within this project, it will be necessary to implement inspections for PHP web application but PHP experience is not required.