We are moving our forum in GitHub Discussions. For questions about Phalcon v3/v4 you can visit here and for Phalcon v5 here.

How to test the Phalcon application?


Besides unit testing how can I test my Phalcon application against SQL injection or other harmfull tricks?


edited Apr '17

I don't know, maybe find some company doing such a tests? If you are using everywhere parameter binding then it's already sql injection protected.


You could also load up an virtual instance of Kali Linux on your LAN and point various automated attack tools that come prepackaged with Kali to your dev environment. That's what I do.