5.1 Chorizo! has found nothing or only some small results. What am I doing wrong?
It is likely that Chorizo! won't find anything if you are testing it on the start page. Take for example your own blog: you are on the blog front page, you test this page with Chorizo!, and it finds 0 results.

Most security problems come alive when there is backend functionality on the current URL, that is, when you are logged in as an admin or editor inside your application. It is likely that Chorizo! will find bugs there and not on the front page.
5.2 How does Chorizo! find XSS bugs, for example?
Chorizo! takes the parameters of the current URL that you see in your browser and tries to manipulate them. It does not take the current HTML code and, for example, manipulate the form inside it. Imagine a URL like http://www.somedomain.com/test.php?x=3&y=2 . Here Chorizo! tries to manipulate the parameters x and y. If you are only on a URL like http://www.somedomain.com/test.php, it is likely that Chorizo! won't find any bugs. You can avoid this by using the recursive scans, where you can start at http://www.somedomain.com/test.php and Chorizo! also finds the bugs in forms etc.
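The parameter manipulation described above, as an added Python example that is not part of Chorizo! itself: it enumerates the query parameters of the URL, substitutes an inert marker into each one in turn, and reports the parameters whose marker comes back unescaped. It also shows why a URL without parameters yields 0 results. The fetch callable and the test.php stand-in are constructed for the example; the real scanner issues HTTP requests.

```python
from html import escape
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Inert marker; it contains '<' and '>' so an escaped echo can be told from a raw one.
MARKER = "<chorizo-probe>"


def mutated_urls(url):
    """Yield (parameter name, URL) pairs, each with one query parameter set to MARKER.

    A URL with no query string yields nothing at all: there is no parameter
    to manipulate, which is why a scan of a bare page reports 0 results.
    """
    parts = urlsplit(url)
    params = parse_qsl(parts.query, keep_blank_values=True)
    for i, (name, _value) in enumerate(params):
        probe = params[:i] + [(name, MARKER)] + params[i + 1:]
        yield name, urlunsplit(parts._replace(query=urlencode(probe)))


def reflected_params(url, fetch):
    """Return the parameters whose marker comes back unescaped in the response.

    `fetch` is any callable mapping a URL to a response body (a constructed
    stand-in here; the real scanner issues HTTP requests).
    """
    return [name for name, probe_url in mutated_urls(url) if MARKER in fetch(probe_url)]


def constructed_test_page(url):
    """Constructed stand-in for test.php: echoes x raw (vulnerable) and y escaped (safe)."""
    q = dict(parse_qsl(urlsplit(url).query, keep_blank_values=True))
    return f"<p>x={q.get('x', '')}</p><p>y={escape(q.get('y', ''))}</p>"


if __name__ == "__main__":
    with_params = "http://www.somedomain.com/test.php?x=3&y=2"
    bare = "http://www.somedomain.com/test.php"
    print(reflected_params(with_params, constructed_test_page))  # ['x']
    print(reflected_params(bare, constructed_test_page))         # []
```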
5.3 Optimize by using the 'Scan while browsing' mode
Chorizo! has a very comfortable and nice feature: the 'Scan while browsing' mode. With this mode, you don't scan a page manually. Instead, Chorizo! scans in the background for errors, for example when submitting forms, logging into your system etc. This gives you the advantage that you don't miss a URL to scan. Chorizo! will do all the donkey work for you. Just run your normal regression tests during development, and Chorizo! scans for security bugs in the background.
5.4 Let Chorizo! look inside your server with Morcilla - and find more bugs
Sometimes security bugs are not visible by scanning from outside. With Morcilla, we developed a PHP extension that is installed on the server you want to test. Morcilla is able to hook into PHP functions: it is activated by Chorizo! and tells Chorizo! what's going on inside your application. For example, we can directly see if a SQL injection is possible in your mysql_query() calls.

Morcilla has further advantages: we can track security bugs that are not instantly visible on the web page (but that can be triggered from the outside!), for example security bugs in code execution functions like eval, include/require, fopen, shell_exec, preg_replace and many, many other functions. By using Morcilla together with Chorizo!, you scan your application more deeply. For example, with Morcilla we found more bugs in several Open Source PHP applications than without Morcilla.

Morcilla is available in the Standard version of Chorizo!. You can buy it on your "My Chorizo" page: just click on the "Buy more Chorizo!" link there. If you want to know what Morcilla can do for you, just go to the help page of this plugin.