The Joomla core developers use a combination of manual auditing and automated auditing. They use Acunetix Web Vulnerability Scanner for the automated auditing which has been donated to the Joomla Project. Acunetix WVS scans the site for SQL injection, cross-site scripting and other vulnerabilities, thereby averting possible hacker attacks.
This tool has been run against the 1.0.x trunk (in preparation for 1.0.12) 3 times in the last two months which gives the Joomla Team valuable reports that allows them to hardens the code. This is a great tool to be using, because we all know about human error.
Donations
Events
Petitions
Forms
Shop
Directories