XSSOOPS Announcements
October 06, 2005
After months of development and testing, the XSSOOPS security and performance analysis tool has finally been released.

What is XSSOOPS?

XSSOOPS is a security and performance analysis application designed to generate reports detailing security faults and bottlenecks in a given site and/or application.

The XSSOOPS test suite is an evolution of a highly effective automated set of utilities that were designed to continually test the FUDforum bulletin board against vulnerabilities to ensure the highest code quality possible. This test suite has played a large role in helping FUDforum developers maintain an excellent security record, far exceeding that of nearly all commonly used PHP applications.

Given the recent onslaught of compromises targeted at existing and new PHP applications, Advanced Internet Designs Inc., under the leadership of Ilia Alshanetsky, made the decision to extend the test suite and make it into a common-use application, which is what XSSOOPS is today.

The availability of XSSOOPS scan services should provide developers with a fast and effective means of testing the security of their code as well as profiling it for possible bottlenecks, thus helping anyone to design robust and secure web applications.

It should be noted that XSSOOPS is not limited to the analysis of PHP applications; it is just as capable of examining software written in all other scripting languages.

What does XSSOOPS stand for?

XSSOOPS is not a very long acronym, but rather a combination of the XSS acronym and the word "oops". This name was chosen because cross-site scripting vulnerabilities are among the most common problems this tool detects, and they are often the result of accidental coding mistakes, hence the "oops".

About the Author

XSSOOPS was developed by Ilia Alshanetsky, a PHP Core Developer and a security professional. He has many years of experience working with web applications as well as the languages they are written in. This knowledge was essential in the development of an automated test suite capable of detecting security faults without meticulous code analysis done by hand.

Ilia is a frequent speaker at conferences worldwide, author of the Guide to PHP Security and the developer of Zend Certification Training and Professional PHP Development courses.