Not a web application security scanner, but on a related note, I am
currently experimenting with using static analysis to detect flaws in
MediaWiki extensions -
https://github.com/wikimedia/Phan-Taint-Check-Plugin . It is still
rather experimental (And has some annoying dependency requirements
that I need to fix), but perhaps it would be helpful to you.
I'd be very interested in hearing about any successes you have with
security scanning tools.
On Tue, Feb 13, 2018 at 1:56 PM, Evans, Richard K. (GRC-H000)
> As I am advocating for increased adoption of Mediawiki in my organization,
> they have asked me if there are any pre-existing Web Application Security
> Scanners for Mediawiki. They mentioned "Netsparker" as an example of a web
> application security scanning tool that they use already and asked me if I
> knew if it was adequate for Mediawiki.. I did not know. So I thought I'd ask
> here if the Mediawiki Dev. community has any recommendations for web
> application security scanning tools that are known to work well for Mediawiki
> Does anyone run a Mediawiki site that is audited a Web Application Security
> Scanner tool? If so, I'd love to hear from you.
> MediaWiki-l mailing list
> To unsubscribe, go to:
MediaWiki-l mailing list
To unsubscribe, go to: