Outils d'utilisateurs
php
Différences
Cette page vous donne les différences entre la révision choisie et la version actuelle de la page.
|
php [2019/10/11 07:17] M0N5T3R |
php [2019/12/31 15:08] (Version actuelle) M0N5T3R |
||
|---|---|---|---|
| Ligne 1: | Ligne 1: | ||
| + | |||
| + | FIXME **Le PAD pour proposer une amélioration à cette page :** https://pad.zenk-security.com/p/merci | ||
| + | |||
| + | |||
| + | ====== PHP ====== | ||
| + | |||
| + | 🛠 PHPStan v0.11.19 releases: PHP Static Analysis Tool https://securityonline.info/phpstan-php-static-analysis/ | ||
| + | |||
| + | 🛠 Cheatsheet for finding vulnerable PHP code using grep https://github.com/dustyfresh/PHP-vulnerability-audit-cheatsheet | ||
| + | |||
| 🛠 We help your business to secure PHP and Java web applications with language specific code analysis. https://www.ripstech.com/ | 🛠 We help your business to secure PHP and Java web applications with language specific code analysis. https://www.ripstech.com/ | ||
| Ligne 4: | Ligne 14: | ||
| https://www.exakat.io/ | https://www.exakat.io/ | ||
| + | |||
| + | 🛠 SensioLabs | ||
| + | SensioLabs leverage composer.lock file to check for known security risk. https://security.sensiolabs.org/ | ||
| 🛠 phpcs-security-audit v2 https://github.com/FloeDesignTechnologies/phpcs-security-audit | 🛠 phpcs-security-audit v2 https://github.com/FloeDesignTechnologies/phpcs-security-audit | ||
| - | 🛠 A static analyzer for security purposes https://github.com/designsecurity/progpilot | + | 🛠 Progpilot - A static analyzer for security purposes https://github.com/designsecurity/progpilot |
| 🛠 RIPS - A static source code analyser for vulnerabilities in PHP scripts http://rips-scanner.sourceforge.net/ | 🛠 RIPS - A static source code analyser for vulnerabilities in PHP scripts http://rips-scanner.sourceforge.net/ | ||
| Ligne 28: | Ligne 41: | ||
| 🛠 [Eir](https://github.com/Lixody/Eir) - A static vulnerability analysis tool written in C#. | 🛠 [Eir](https://github.com/Lixody/Eir) - A static vulnerability analysis tool written in C#. | ||
| + | |||
| + | 🛠 [Grabber] | ||
| + | ( http://rgaucher.info/beta/grabber/ ) Grabber, a python based tool to perform hybrid analysis on a PHP-based application using PHP-SAT. | ||
| 🛠 [Exakat](http://www.exakat.io/) - Smart static analysis. | 🛠 [Exakat](http://www.exakat.io/) - Smart static analysis. | ||
| Ligne 101: | Ligne 117: | ||
| 🛠 [SonarQube](http://www.sonarqube.org/) - An open platform to manage code quality. It covers PHP code. | 🛠 [SonarQube](http://www.sonarqube.org/) - An open platform to manage code quality. It covers PHP code. | ||
| + | |||
| + | |||
| + | 🛠 [SonarPHP] | ||
| + | (https://www.sonarsource.com/products/codeanalyzers/sonarphp.html) - SonarPHP by SonarSource uses pattern matching, data flow techniques to find vulnerabilities in PHP codes. It is a static code analyzer and integrates with Eclipse, IntelliJ | ||
| 🛠 [Side Channel Analyzer](https://github.com/olivo/side-channel-analyzer) - Search for side-channel vulnerable code. | 🛠 [Side Channel Analyzer](https://github.com/olivo/side-channel-analyzer) - Search for side-channel vulnerable code. | ||
| Ligne 118: | Ligne 138: | ||
| 🛠 [17eyes](https://github.com/17eyes/17eyes) - PHP static analyzer written in Haskell. | 🛠 [17eyes](https://github.com/17eyes/17eyes) - PHP static analyzer written in Haskell. | ||
| + | 🛠 [PHP Sandbox](http://sandbox.onlinephpfunctions.com/) Test your PHP code with this code tester | ||
php.1570771040.txt.gz · Dernière modification: 2019/10/11 07:17 par M0N5T3R
Outils de la Page
Sauf mention contraire, le contenu de ce wiki est placé sous la licence suivante : CC Attribution-Share Alike 3.0 Unported
