2.3.28. Inventory

This ruleset collect all free-text names used in the code : variables, global, arguments, methods, classes, etc…

For example :

  • Classes/MagicProperties

  • Constants/Constantnames : names of global Constants

  • Php/CookieVariables : names of cookies

  • Php/DateFormats : date formats

  • Php/IncomingVariables : names of the GET/POST arguments

  • Php/SessionVariables : names of the session variables

  • Type/ArrayIndex : indices used in arrays

  • Type/Binary : binary values

  • Type/CharString : string values

  • Type/Email : hardcoded emails

  • Type/GPCIndex : GET, POST and COOKIE names

  • Type/Hexadecimal : hexadecimal values

  • Type/HexadecimalString : hexadecimal values

  • Type/HttpHeader : HTTP headers

  • Type/HttpStatus : HTTP status

  • Type/Md5String : MD5 string

  • Type/MimeType : Mime types

  • Type/OctalInString : octal values

  • Type/OpensslCipher : names of OpenSSL cipher

  • Type/Pack : pack() formats

  • Type/Pcre : regex strings

  • Type/Ports : server ports mentioned

  • Type/Printf : printf() and co formatting strings

  • Type/Regex : regex strings

  • Type/SpecialIntegers : integer, with special values

  • Type/Sql : SQL strings

  • Type/UdpDomains : UDP domains

  • Type/UnicodeBlock : Unicode blocks

  • Type/Url : URL

Total : 39 analysis

2.3.28.1. Specs

Short name

Inventory

Available in

Entreprise Edition, Exakat Cloud

Reports