oliverklee / pixy
Pixy is a scanner static code analysis tools that scans PHP applications for security vulnerabilities.
☆140Updated last year
Alternatives and similar repositories for pixy:
Users that are interested in pixy are comparing it to the libraries listed below
- Taint Analysis for PHP☆45Updated 9 years ago
- PHP language analyses in Rascal☆27Updated 5 months ago
- OWASP WAP - Web Application Protection Project☆11Updated 5 years ago
- Web Input Vector Extractor Teaser☆132Updated 3 years ago
- Collection of vulnerable and fixed PHP synthetic test cases☆60Updated last year
- A Control Flow Graph implementation in PHP☆243Updated last month
- RIPS - A static source code analyser for vulnerabilities in PHP scripts☆355Updated 8 years ago
- Parser utility to generate ASTs from PHP source code suitable to be processed by Joern.☆17Updated 6 years ago
- This is the repository for JÄk. I created it as prototype during my masterthesis.☆30Updated 7 years ago
- ☆23Updated 6 years ago
- Security-related PHP7 OPcache abuse tools and demo☆310Updated 2 years ago
- A PHP static code analyser for potential vulnerabilities☆28Updated 10 years ago
- A static analysis tool for security☆339Updated 4 months ago
- Fuzzer for PHP internal functions☆31Updated 13 years ago
- Tainted PhantomJS☆53Updated 9 years ago
- Deemon is a tool to detect CSRF in web applications. Deemon has been used for the paper "Deemon: Detecting CSRF with Dynamic Analysis and…☆75Updated 6 years ago
- CodeIgniter <=2.1.4 session cookie decryption vulnerability☆39Updated 8 years ago
- A tool that can scan php vulnerabilities automatically using static analysis methods☆489Updated 7 years ago
- A PHP code transformer to provide protection against injection attacks☆10Updated 13 years ago
- PHP parser written in Python using PLY☆369Updated 2 years ago
- procfs-based PHP sandbox bypass☆133Updated 6 years ago
- Symbolic execution inspired PHP application scanner for code-path discovery☆32Updated 5 years ago
- Parser utility to generate ASTs from PHP source code suitable to be processed by Joern.☆35Updated 5 years ago
- Proof of concept exploit, showing how to do bytecode injection through untrusted deserialization with Spring Framework 4.2.4☆116Updated 5 years ago
- 各种漏洞poc、Exp的收集或编写☆33Updated 8 years ago
- Burp Suite plugin which implement PyJFuzz for fuzzing web application.☆56Updated 8 years ago
- Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications (NDSS 2022)☆25Updated last year
- ☆55Updated 8 years ago
- ☆84Updated 8 years ago
- ☆36Updated 9 years ago