Alternatives and similar repositories for phply

Users that are interested in phply are comparing it to the libraries listed below

• oliverklee / pixy
  Pixy is a scanner static code analysis tools that scans PHP applications for security vulnerabilities.
  ☆141Updated last year
• OneSourceCat / phpvulhunter
  A tool that can scan php vulnerabilities automatically using static analysis methods
  ☆491Updated 7 years ago
• GoSecure / php7-opcache-override
  Security-related PHP7 OPcache abuse tools and demo
  ☆316Updated 2 years ago
• olivo / TaintPHP
  Taint Analysis for PHP
  ☆45Updated 9 years ago
• ripsscanner / rips
  RIPS - A static source code analyser for vulnerabilities in PHP scripts
  ☆360Updated 9 years ago
• ircmaxell / php-cfg
  A Control Flow Graph implementation in PHP
  ☆248Updated 3 weeks ago
• fate0 / xmark
  A PHP7 extension that can hook most functions/classes and parts of opcodes
  ☆243Updated 4 years ago
• shengqi158 / pyvulhunter
  python audit tool 审计 注入 inject
  ☆183Updated 9 years ago
• fate0 / prvd
  PHP Runtime Vulnerability Detection
  ☆484Updated 6 years ago
• designsecurity / progpilot
  A static analysis tool for security
  ☆350Updated last month
• cwi-swat / php-analysis
  PHP language analyses in Rascal
  ☆28Updated last week
• beched / php_disable_functions_bypass
  procfs-based PHP sandbox bypass
  ☆134Updated 7 years ago
• felixgr / pytaint
  ☆34Updated 11 years ago
• lcatro / PHP_Source_Audit_Tools
  PHP 白盒分析工具,结合AST 和数据流跟踪分析代码,达到自动化白盒审计功能
  ☆148Updated 7 years ago
• chaitin / sqlchop
  [DEPRECATED]A novel SQL injection detection engine built on top of SQL tokenizing and syntax analysis.
  ☆252Updated last year
• robocoder / rips-scanner
  RIPS - A static source code analyser for vulnerabilities in PHP scripts
  ☆322Updated 3 years ago
• pokemonish / chrome_remote_interface_python
  Chrome Debugging Protocol interface for Python
  ☆109Updated 7 years ago
• opensec-cn / chip
  a simple tool to detect potential security threat in php code
  ☆315Updated last year
• jpapayan / aspis
  A PHP code transformer to provide protection against injection attacks
  ☆10Updated 14 years ago
• lowjoel / phortress
  A PHP static code analyser for potential vulnerabilities
  ☆29Updated 10 years ago
• bedirhan / wivet
  Web Input Vector Extractor Teaser
  ☆132Updated 3 years ago
• nubs / docker-php-minimal
  A collection of Dockerfiles for different versions of a very barebones PHP.
  ☆75Updated 8 years ago
• stivalet / PHP-Vulnerability-test-suite
  Collection of vulnerable and fixed PHP synthetic test cases
  ☆63Updated last year
• zerothoughts / spring-jndi
  Proof of concept exploit, showing how to do bytecode injection through untrusted deserialization with Spring Framework 4.2.4
  ☆116Updated 6 years ago
• zsxsoft / fval
  PHP Fval(say F-word to eval) extension used to disable unsafe functions/eval with E_FATAL.
  ☆17Updated 8 years ago
• WhaleShark-Team / ChromeHeadlessInterface
  ☆23Updated 8 years ago
• zsxsoft / my-ctf-challenges
  My CTF Challenges
  ☆216Updated 9 months ago
• Tr3jer / dnsAutoRebinding
  ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6
  ☆217Updated 8 years ago
• tgianko / deemon
  Deemon is a tool to detect CSRF in web applications. Deemon has been used for the paper "Deemon: Detecting CSRF with Dynamic Analysis and…
  ☆74Updated 7 years ago
• hi-WenR0 / MLCheckWebshell
  ☆106Updated 7 years ago