A static analysis tool for security
☆359Aug 17, 2025Updated 6 months ago
Alternatives and similar repositories for progpilot
Users that are interested in progpilot are comparing it to the libraries listed below
Sorting:
- phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code☆725Jan 5, 2023Updated 3 years ago
- Collection of vulnerable and fixed PHP synthetic test cases☆66Oct 15, 2023Updated 2 years ago
- Pixy is a scanner static code analysis tools that scans PHP applications for security vulnerabilities.�☆141Jan 5, 2024Updated 2 years ago
- A Control Flow Graph implementation in PHP☆247Sep 20, 2025Updated 5 months ago
- Parse: A Static Security Scanner☆380Aug 7, 2018Updated 7 years ago
- Awesome PHP Security Resources 🕶🐘🔐☆1,028Sep 14, 2023Updated 2 years ago
- A reviewed list of useful PHP static analysis tools☆2,869Jan 28, 2025Updated last year
- A tool that can scan php vulnerabilities automatically using static analysis methods☆489Mar 20, 2018Updated 7 years ago
- The Exakat Engine : smart static analysis for PHP☆378Mar 24, 2022Updated 3 years ago
- Taint Analysis for PHP☆45Apr 17, 2016Updated 9 years ago
- OWASP WAP - Web Application Protection Project☆11Jul 24, 2019Updated 6 years ago
- PHP Runtime Vulnerability Detection☆480May 25, 2019Updated 6 years ago
- A PHP7 extension that can hook most functions/classes and parts of opcodes☆242Sep 17, 2021Updated 4 years ago
- A curated list of audit rules which extract from Source Code Auditing tools.☆15Feb 19, 2020Updated 6 years ago
- PHP tool to scan ADOdb code for SQL Injections☆31Aug 9, 2016Updated 9 years ago
- Drupal enumeration & exploitation tool☆612Nov 4, 2020Updated 5 years ago
- grep rough audit - source code auditing tool☆1,679Dec 19, 2025Updated 2 months ago
- A database of PHP security advisories☆2,106Updated this week
- sudo-parser is a tool to audit complex sudoers files☆18Nov 2, 2022Updated 3 years ago
- RIPS - A static source code analyser for vulnerabilities in PHP scripts☆323Jan 3, 2022Updated 4 years ago
- Collection of fuzzing payloads and corpus from all around added as sub modules☆15May 17, 2025Updated 9 months ago
- Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications (NDSS 2022)☆27Feb 14, 2024Updated 2 years ago
- SonarPHP: PHP static analyzer for SonarQube & SonarLint☆424Updated this week
- Deeplack is a python script designed for comparing images (screenshots) using DeepAI to detect changes on websites.☆14Jun 19, 2019Updated 6 years ago
- PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.☆3,756Sep 29, 2025Updated 5 months ago
- ☆242Jan 27, 2019Updated 7 years ago
- Taint is a PHP extension, used for detecting XSS codes☆616Jul 1, 2024Updated last year
- Automatic SSRF fuzzer and exploitation tool☆3,489Sep 4, 2025Updated 6 months ago
- ☆23Apr 6, 2019Updated 6 years ago
- A script to automatically list visually indistinguishable permutations of domain names using IDN and punycode.☆21May 29, 2017Updated 8 years ago
- PHP function tracker☆242Feb 3, 2026Updated last month
- Experimental fuzzer for PHP libraries☆437Jan 9, 2026Updated last month
- Convert domain lists to resolved IP without duplicated, useful for strong large recon, and Bug Bounty☆13Apr 30, 2021Updated 4 years ago
- ☆11Sep 7, 2023Updated 2 years ago
- Looking for JAR files that are vulnerable to Log4j RCE (CVE‐2021‐44228)?☆45Mar 2, 2022Updated 4 years ago
- Pwn stuff.☆1,804May 31, 2022Updated 3 years ago
- PHP security vulnerabilities checker☆1,185Aug 2, 2024Updated last year
- A PHP static analysis tool for finding errors and security vulnerabilities in PHP applications☆5,814Updated this week
- The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala proje…☆2,412Jun 17, 2025Updated 8 months ago