PHP-vulnerability-audit-cheatsheet

Vulnerability scanner

A collection of grep commands to help find potentially vulnerable PHP code

This will assist you in the finding of potentially vulnerable PHP code. Each type of grep command is categorized in the type of vulnerabilities you generally find with that function.

GitHub

346 stars
9 watching
57 forks
last commit: over 6 years ago
Linked from 1 awesome list


Backlinks from these awesome lists:

Related projects:

Repository Description Stars
1ndianl33t/gf-patterns A toolset for identifying potential security vulnerabilities and patterns in web applications 1,218
designsecurity/progpilot An application security testing tool for identifying vulnerabilities in PHP code 330
freefv/tencent_yun_tools A collection of Python scripts to exploit vulnerabilities in Tencent Cloud services using an AccessKey 34
sectooladdict/wavsep An open-source tool for evaluating web application vulnerabilities by analyzing the separation of concerns in web applications. 228
r0075h3ll/oralyzer A tool to identify vulnerabilities in web applications by probing for Open Redirections and other types of attacks. 753
eddiezab/aggressor-scripts A collection of scripts and tools for testing and exploiting network and system vulnerabilities. 1
m0nad/hellraiser Scans networks to identify vulnerabilities by correlating CPEs with CVEs using an API 562
swisskyrepo/vulny-code-static-analysis A script to detect vulnerabilities in PHP source code using static analysis and regular expressions. 398
kathanp19/gaussrf A tool for identifying potential vulnerabilities in websites by fetching known URLs and filtering out ones with open redirects or SSRF parameters. 165
delvelabs/vane2 Identifies vulnerabilities in WordPress websites by scanning plugins and themes 28
bitthebyte/eagle A tool for detecting vulnerabilities in web applications 110
sonatype-nexus-community/auditjs Tools to scan npm packages for known vulnerabilities and outdated dependencies. 223
daffainfo/match-replace-burp A collection of Burp Suite rules for identifying and exploiting vulnerabilities in web applications 338
fkie-cad/cwe_checker Automated binary analysis tool to detect common software vulnerabilities 1,134
serain/mailspoof A tool to analyze and report on SPF and DMARC record issues for potential email spoofing vulnerabilities. 127