

A static security scanner for PHP


Statistics on php-security-scanner

Number of watchers on Github 89
Number of open issues 2
Main language PHP
Open pull requests 0+
Closed pull requests 0+
Last commit over 4 years ago
Repo Created over 4 years ago
Repo Last Updated almost 2 years ago
Size 132 KB
Organization / Author ircmaxell

A Static Analyzer Security Scanner (for PHP)

This detects passing unsafe variables to unsafe function arguments.


bin/php-security-scanner scan path/to/files

It will search through all files for security issues.


Given the following code:


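<?php

function bar() {
    foo($_GET['name']); // request data passed unchanged into foo()
}

function foo($name) {
    mysql_query("SELECT * FROM foo WHERE name = '$name'"); // $name is interpolated into the SQL string
}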


Running the scanner on this file will identify line 4 as an error, with the message:

Possible SQL Injection found in call to foo() argument number 1
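
A remediated version of the flagged code, as an added example that is not from the php-security-scanner repository: foo() binds $name through a PDO prepared statement in place of mysql_query() (removed in PHP 7.0). The in-memory SQLite database, the extra PDO and request parameters, and the sample rows are assumptions made so the snippet runs on its own.

```php
<?php
// Added example, not project code. Assumes the pdo_sqlite extension is loaded.

// Build a throwaway database holding constructed sample rows.
function makeDb(): PDO {
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec("CREATE TABLE foo (id INTEGER PRIMARY KEY, name TEXT)");
    $pdo->exec("INSERT INTO foo (name) VALUES ('alice'), ('bob')");
    return $pdo;
}

// Hardened foo(): $name is sent as a bound parameter and never becomes SQL text.
function foo(PDO $pdo, string $name): array {
    $stmt = $pdo->prepare('SELECT id, name FROM foo WHERE name = :name');
    $stmt->execute([':name' => $name]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// bar() still forwards request data to foo(), as in the sample above.
// $request stands in for $_GET so the script can run from the command line.
function bar(PDO $pdo, array $request): array {
    $name = is_string($request['name'] ?? null) ? $request['name'] : '';
    return foo($pdo, $name);
}

$pdo = makeDb();
// Constructed inputs: an ordinary value and one containing quote characters.
foreach (['alice', "x' OR '1'='1"] as $input) {
    $rows = bar($pdo, ['name' => $input]);
    printf("%-16s -> %d row(s)\n", $input, count($rows));
}
```

The input containing quotes is compared against the name column as a literal string, so it changes the match result rather than the query structure.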

Supported vulnerability scanners:

Currently, only mysql_query is supported, and only in limited situations.
