I’ve been working on a tool that I call “Watchtower” for the last several weeks. Watchtower is a platform- and language-agnostic static code analysis tool that can be used for code audits and incident response. The project is hosted here:
Check out the README to get a feel for how it works.
In the meantime, that’s all I can say, because I’m hoping to publish a more detailed introduction in an upcoming issue of 2600. If that submission is rejected, more details will later be made available here.
Foresight is a simple plugin that serves a simple purpose: it helps blog administrators to stay current on known exploits for WordPress and for WordPress plugins.
I enjoy using PHP for writing command-line applications. PHP’s power and flexibility make it ideal, in my opinion, both for writing full-featured applications and for use as a “glue language” for automating various system-administrative tasks. There’s one area where PHP has traditionally fallen short in my mind, however – it lacks a good command-line option parser.