php-security-scanner

A static security scanner for PHP



Statistics on php-security-scanner

Number of watchers on Github: 89
Number of open issues: 2
Main language: PHP
Open pull requests: 0+
Closed pull requests: 0+
Last commit: almost 4 years ago
Repo Created: almost 4 years ago
Repo Last Updated: over 1 year ago
Size: 132 KB
Organization / Author: ircmaxell
Contributors: 1

A Static Analyzer Security Scanner (for PHP)

This detects passing unsafe variables to unsafe function arguments.

Usage:

bin/php-security-scanner scan path/to/files

It will search through all files for security issues.

Example

Given the following code:

<?php

function bar() {
    foo($_GET['name']);
}

function foo($name) {
    mysql_query("SELECT * FROM foo WHERE name = '$name'");
}

?>

Running the scanner on this file will identify line 4 as an error, with the message:

Possible SQL Injection found in call to foo() argument number 1
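
The flagged flow above, rewritten with a bound parameter, as an added example that is not part of the php-security-scanner README. It assumes the PDO SQLite driver is available and uses a constructed in-memory table in place of the MySQL database; the changed signatures of foo() and bar() and the make_db() helper are illustrative.

```php
<?php
// Added example: the README's flow (request data -> foo() -> SQL),
// with the query text and the user-supplied value kept separate.

// Constructed fixture: in-memory SQLite stands in for the MySQL database
// so the script runs offline.
function make_db(): PDO {
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec("CREATE TABLE foo (id INTEGER PRIMARY KEY, name TEXT)");
    $pdo->exec("INSERT INTO foo (name) VALUES ('alice'), ('bob')");
    return $pdo;
}

// Hardened foo(): $name is bound as data and never becomes part of the SQL text.
function foo(PDO $pdo, string $name): array {
    $stmt = $pdo->prepare('SELECT * FROM foo WHERE name = :name');
    $stmt->execute([':name' => $name]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened bar(): receives the request parameters explicitly and rejects
// non-string values (a query string like ?name[]=x arrives as an array).
function bar(PDO $pdo, array $query): array {
    $name = $query['name'] ?? '';
    if (!is_string($name)) {
        return [];
    }
    return foo($pdo, $name);
}

$pdo = make_db();

// Constructed inputs standing in for $_GET.
$inputs = [
    ['name' => 'alice'],            // ordinary lookup
    ['name' => "x' OR '1'='1"],     // quote characters are matched literally
    ['name' => ['alice']],          // wrong type, rejected before the query
];

foreach ($inputs as $query) {
    $rows = bar($pdo, $query);
    printf("%s => %d row(s)\n", json_encode($query['name']), count($rows));
}
```

Only the first input returns a row: the second is compared against the name column as a literal string, and the third never reaches the query.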

Supported vulnerability scanners:

Currently, only mysql_query is supported, and only in limited situations.
