Project RIPS v0.54 – Status

I just updated RIPS and fixed some JavaScript errors that came up due to the latest browser updates (thank you for the reports). You can download it here. Now the code viewer and other window features should work again. At the same time I am announcing that the current version of RIPS will not be enhanced. The current engine does not allow further enhancement and suffers from bad language parsing. This leads to an inacceptable rate of false positives. Further, the current engine can not be extended to support OOP.

The good news is that I have rewritten RIPS completely during the past 6 month during my final master thesis at the Ruhr-University Bochum. RIPS 1.0 now uses Abstract Syntax Trees, Control Flow Graphs, and Context-Sensitive String Analysis doing it the academic way ;). The result looks very promising, but its worthless to share any results/numbers without sharing the tool. It is still under development and a release date is unknown, but already in its current state it is way better than RIPS 0.5. In the end, full OOP support is planned. Any updates will be released here or via twitter.

The project continues … =)

Advertisement

This entry was posted on Friday, February 1st, 2013 at 4:59 pm and is filed under PHP, Projects. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.

9 Responses to Project RIPS v0.54 – Status

  1. Darrell says:
    September 12, 2013 at 2:25 pm

    It’s disappointing to not see a slew of positive comments/feedback on this post. Perhaps many people are just lurking, and watching. RIPS is a fantastic tool, thank you for your monumental efforts on this. Can’t wait to download and use v1.0

    Reply
  2. Stuart says:
    October 9, 2013 at 2:57 pm

    Hi Hannes,

    Can’t wait to see the new version of RIPS 🙂 I hope it won’t be too much longer!

    Stu

    Reply
  3. Arjan says:
    February 8, 2014 at 8:00 am

    I am eagerly awaiting to see what you have done with it, it sounds very promising and I look forward to using it. 🙂

    Reply
  4. Tom says:
    September 24, 2014 at 2:00 pm

    Looking forward to updates. Enjoyed the academic-style article. Please let the community know how we can help.

    Reply
  5. ryvan says:
    November 29, 2014 at 10:55 am

    I am really in love with this tool,if there are any possibilities ,i wanna be a volunteer in developing any modules or add-ons,anything.Thanks ,awesome work.

    Reply
  6. Sergei says:
    February 11, 2015 at 12:48 pm

    Hi,
    are there any news regarding release date of RIPS 1.0? I read your papers on PHP analysis and am very interested in exploring the tool that uses taint and AST as internal representation for PHP security analysis. Hope RIPS 1.0 will be released soon. Thanks!

    Reply
  7. Jabberwock says:
    June 11, 2015 at 2:39 pm

    BUMP!

    Reply
  8. krober.biz says:
    April 29, 2016 at 9:45 pm

    BUMP BUMP BUMP!

    Reply
  9. Reiners says:
    May 26, 2016 at 7:32 pm

    The new version will be available as a commercial product at https://www.ripstech.com

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: