awesome-php-security
PHP Security Tools
A curated collection of resources and tools to help developers improve the security of their PHP applications.
Awesome PHP Security Resources
966 stars
29 watching
89 forks
last commit: about 2 years ago
Linked from 1 awesome list
application-security, awesome, awesome-list, devsecops, php, security, security-tools
Tools / Web Framework Hardening
| Snuffleupagus | | | Security module for PHP7/8, the successor to |
| Secure-Headers | 510 | about 1 year ago | Add security related headers to HTTP response |
Tools / Static Code Analysis
| Enlightn | | | Enlightn is a static and dynamic analysis tool to improve the security of Laravel applications |
| Exakat | 379 | over 3 years ago | is a PHP static code analysis, with serious |
| phpcs-security-audit | 712 | almost 3 years ago | phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code |
| progpilot | 333 | 11 months ago | A static analyzer for security purposes |
| Parse | 367 | about 7 years ago | The scanner is a static scanning tool to review your PHP code for potential security-related issues |
| SonarPHP | 394 | 11 months ago | from - A static code analyser for PHP language used as an extension for the SonarQube platform (200+ rules, Supports up to PHP 8, Import of unit test and coverage results, Support of custom rules) |
| Snyk Code | | | PHP support (beta) and available in Snyk free tier |
Tools / Vulnerabilities and Security Advisories
| security-checker | 1,997 | almost 5 years ago | PHP frontend for security.symfony.com |
| Symfony Security Monitoring | | | PHP security vulnerabilities monitoring |
| roave/security-advisories | 2,731 | 11 months ago | Add this dependency to disallow known/vulnerable installation of packages directly through |
| Security Advisories | 2,050 | 12 months ago | A database of PHP security advisories |
| php-malware-detector | 133 | almost 7 years ago | PHP malware detector |
| Snyk Open Source | | | Package manager scanner with a free tier |
Educational / Hacking Playground
| DVWA | 10,423 | 11 months ago | Damn Vulnerable Web Application (DVWA) is a PHP/MySQL web application that is damn vulnerable |
| Insecure PHP Example | 7 | over 1 year ago | This is an example application built using Silex for routing to provide examples of SQL Injection, plain text passwords and XSS |
Educational / Guides
| Official PHP Security Manual | | | |
| Survive The Deep End: PHP Security | | | |
| Security Tips for a PHP Application | | | |
| Awesome-AppSec: PHP-Section | 6,372 | over 1 year ago | |
| The 2018 Guide to Building Secure PHP Software | | | |
Companies
| GuardRails | | | A GitHub App that gives you instant security feedback in your Pull Requests |
| RIPS | | | RIPS is the leading security analysis solution for PHP |
| Snyk | | | A developer-first solution that automates finding & fixing vulnerabilities in your dependencies |
| Sqreen | | | Automated security for your web apps - real time application security protection |
| Paragon Initiative Enterprises | | | PHP Security and Cryptography consultants, open source library publishers |