What are some good, free tools to run automated security audits for PHP code?

Posted by James Simpson on Server Fault See other posts from Server Fault or by James Simpson
Published on 2011-03-12T22:31:43Z Indexed on 2011/03/13 0:12 UTC
Read the original article Hit count: 455

Filed under:
|
|

I've been looking for some time now and have come up short. The most promising I found was Spike PHP, which seems to no longer work. I'm looking to scan my code for potential risks of SQL Injection, XSS, etc. I've gone through most of my code manually, but with a few hundred thousand lines of code, I'm sure I missed things. If possible, are there any tools that can be downloaded and analyze code on my local machine rather than installing to the live server (this isn't a requirement if not)?

© Server Fault or respective owner

Related posts about linux

Related posts about php