http://4.bp.blogspot.com/-8_iabOO1BV8/TsjrMHCxr5I/AAAAAAAAA9U/iw7iW3ZWNTI/s1600/PHP-VH-Launcher.png

This is the application that detected almost all of the web application vulnerabilities listed on the advisories page. PHP Vulnerability Hunter is an advanced automated whitebox fuzz testing tool capable of triggering a wide range of exploitable faults in PHP web applications. Minimal configuration is necessary to begin a scan; PHP Vulnerability Hunter doesn’t even need a user specified starting URI.

How does it work?
At the core of the PHP Vulnerability Hunter scan algorithm is dynamic program analysis. Unlike many vulnerability scanners and fuzz tools that rely on static analysis, PHP Vulnerability Hunter analyzes the program as it’s running to get a clear view of all input vectors. That means better code coverage and as a result greater confidence in code security.

Download:

Downloads - php-vulnerability-hunter - PHP Vulnerability Hunter is an advanced automated whitebox fuzz testing tool. - Google Project Hosting (http://code.google.com/p/php-vulnerability-hunter/downloads/list)


More info:

PHP Vulnerability Hunter Overview (http://www.autosectools.com/PHP-Vulnerability-Scanner)