[Owasp-leaders] Static Code Analysis Tool for php?

Andre Gironda andreg+owasp at gmail.com
Mon Dec 14 21:51:56 UTC 2015


Katy,

Please check these FOSS projects out --
https://github.com/ircmaxell/php-security-scanner --
https://github.com/oliverklee/pixy --
https://github.com/bizonix/rips-scanner

For more-serious projects, you may want to consider commercial SAST,
such as promoted by leading analysts at Gartner, Forrester, the 451
Group, et al. Most OWASPers prefer FOSS projects, though!

dre


On Mon, Dec 14, 2015 at 1:36 PM, Katy Anton <katy.anton at owasp.org> wrote:
> Hi all,
>
> Does anyone have a suggestion for a good static code analysis tool for php?
> Had a look at RIPS, but it looks like version 0.5 development is abandoned.
> http://sourceforge.net/projects/rips-scanner/
>
> Thanks a lot,
>
> Katy Anton
>
> OWASP Bristol (UK) Chapter Leader
>
> Email: katy.anton at owasp.org