PHP-vulnerability-audit-cheatsheet
Vulnerability scanner
A collection of grep commands to help find potentially vulnerable PHP code
This will assist you in the finding of potentially vulnerable PHP code. Each type of grep command is categorized in the type of vulnerabilities you generally find with that function.
346 stars
9 watching
57 forks
last commit: over 6 years ago
Linked from 1 awesome list
Related projects:
Repository | Description | Stars |
---|---|---|
1ndianl33t/gf-patterns | A toolset for identifying potential security vulnerabilities and patterns in web applications | 1,218 |
designsecurity/progpilot | An application security testing tool for identifying vulnerabilities in PHP code | 330 |
freefv/tencent_yun_tools | A collection of Python scripts to exploit vulnerabilities in Tencent Cloud services using an AccessKey | 34 |
sectooladdict/wavsep | An open-source tool for evaluating web application vulnerabilities by analyzing the separation of concerns in web applications. | 228 |
r0075h3ll/oralyzer | A tool to identify vulnerabilities in web applications by probing for Open Redirections and other types of attacks. | 753 |
eddiezab/aggressor-scripts | A collection of scripts and tools for testing and exploiting network and system vulnerabilities. | 1 |
m0nad/hellraiser | Scans networks to identify vulnerabilities by correlating CPEs with CVEs using an API | 562 |
swisskyrepo/vulny-code-static-analysis | A script to detect vulnerabilities in PHP source code using static analysis and regular expressions. | 398 |
kathanp19/gaussrf | A tool for identifying potential vulnerabilities in websites by fetching known URLs and filtering out ones with open redirects or SSRF parameters. | 165 |
delvelabs/vane2 | Identifies vulnerabilities in WordPress websites by scanning plugins and themes | 28 |
bitthebyte/eagle | A tool for detecting vulnerabilities in web applications | 110 |
sonatype-nexus-community/auditjs | Tools to scan npm packages for known vulnerabilities and outdated dependencies. | 223 |
daffainfo/match-replace-burp | A collection of Burp Suite rules for identifying and exploiting vulnerabilities in web applications | 338 |
fkie-cad/cwe_checker | Automated binary analysis tool to detect common software vulnerabilities | 1,134 |
serain/mailspoof | A tool to analyze and report on SPF and DMARC record issues for potential email spoofing vulnerabilities. | 127 |