Bugs finders

Tools that reports issues in the code that are or lead to bugs.

Eir – Eir is a static vulnerability analysis tool for PHP applications written in C#
Exakat – Smart static analysis for PHP
Mondrian – A code analysis tool using Graph Theory.
php-analysis – PHP Analysis in Rascal (PHP AiR).
PHP Assumption – Finds weak assumptions in the code, suggest to turn them into stronger validations.
PhpCodeAnalyzer – finds usage of non-built-in extensions in your php code.
PHPCodeFixer – finds usage of deprecated functions, variables and ini directives in your php code.
php7mar – PHP 7 Migration Assistant Report.
phpcallgraph – PHP 7 Migration Assistant Report.
PHPCPD – phpcpd spots copy/pasted code, and help enforcing DRY rule.
Phan – The static analyzer by Rasmus.
PHP Inspection – Static analysis for phpstorm.
PHP lint – PHP itself, able to detect syntax error from command line.
PHPlint – PHPLint is a validator and documentator for PHP 5 programs
PHP Mess Detector – PHPMD takes a given PHP source code base and look for several potential problems within that source.
PHP Reaper – PHP tool to scan ADOdb code for SQL Injections
PHP SA – PHPSA is a development tool aimed at bringing complex analysis for PHP applications and libraries.
PHP Stan – “PHPStan focuses on finding errors in your code without actually running it. “
PHP Unlocker – “PHP-Unlocker is a static analysis tool that detects potential, unintended DB table locks for PHP applications using ADOdb.”
PHP vuln hunter – A tool that can scan php vulnerabilities automatically using static analysis methods
RIPS – A static source code analyser for vulnerabilities in PHP scripts
psecio:parse – Parse : A PHP Security Scanner
SonarQube – An open platform to manage code quality. It covers PHP code.
Side Channel Analyzer – Search for side-channel vulnerable code.
TaintPHP – Static Taint Analysis for PHP web applications.
Tuli – A static analysis engine
17eyes – “PHP static analyzer written in Haskell”

PHPスクリプトの分析ツール

Bugs finders

Leave a Comment