With the growth of intense Flash applications that handle sensitive data like user names, passwords, account data, etc, HP looks to increase awareness of common security vulnerabilities that can be found in today’s Flash applications. Earlier this week, HP announced the release of its security tool called HP SWFScan.
What is HP SWFScan?
HP SWFScan is a free security tool for Windows that helps developers find security vulnerabilities in applications developed with the Adobe Flash Platform. SWFScan helps you find, fix, and prevent security vulnerabilities in your SWF applications and deliver more secure code without having to become a security expert.
How does it work?
SWFScan will decompile the targeted SWF file and analyze the source code to see if it can target any potential security vulnerabilities. It will also perform a static analysis to understand their behaviors as this will help identify vulnerabilities that lie under the surface of an application and are not otherwise detectable with traditional dynamic methods.
If you’ve ever used a SWF decompiler, then the interface of this application will feel right at home. If you are interested in learning more on SWFScan check the article on Adobe Developer Center.