欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  后端开发

PHP静态安全扫描器:php-security-scanner

程序员文章站 2022-04-02 18:06:12
...
它能够探测传递的不安全变量到不安全的函数参数。

用法:

bin/php-security-scanner scan path/to/files

它将搜索所有文件的安全问题。

示例

Given the following code:


Running the scanner on this file will identify like 4 as an error, with the message:

Possible SQL Injection found in call to foo() argument number 1

Supported vulnerability scanners:

Currently, onlymysql_queryis supported, and only in limited situations.


项目主页:http://www.open-open.com/lib/view/home/1438239170863