Add ABOM tool for Vulnerability scanning #63

Open
wants to merge 2 commits into
base: master
5 changes: 3 additions & 2 deletions README.md
Expand Up @@ -19,7 +19,7 @@ See [CONTRIBUTING](https://github.com/exakat/php-static-analysis-tools/blob/mast
### Bugs finders

Tools to report issues in code that are or lead to bugs.

* [Abom](https://vulert.com/abom) - Vulert finds and monitors open source vulnerabilities from manifest files or SBOMs.
* [AppChecker](https://npo-echelon.ru/en/solutions/appchecker.php) - static analysis tool for finding bugs, weaknesses and vulnerabilities in source code
* [Code insight](https://github.com/console-helpers/code-insight) - A tool for analysing other project code bases.
* [AST Metrics](https://github.com/Halleck45/ast-metrics) - A blazing-fast static code analyzer that help your to identify code that needs to be refactored.
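
Review bot: The added Abom line describes a dependency vulnerability monitor ("from manifest files or SBOMs"), which does not match this section's stated scope of "Tools to report issues in code that are or lead to bugs"; move it to a more fitting section if the README has one, or drop it in favour of the single Vulert entry added further down, since both lines point at the same vendor. The link text says `Abom` while the description opens with "Vulert finds and monitors", so pick one product name for the entry. The hunk header is `-19,7 +19,7`, so a line was also removed here; if that was the blank line before the list, restore it so the list stays separated from the intro sentence.
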
Expand Down Expand Up @@ -74,7 +74,8 @@ Tools to report issues in code that are or lead to bugs.
* [TaintPHP](https://github.com/olivo/TaintPHP.git) - Static Taint Analyzer.
* [Tuli](https://github.com/ircmaxell/Tuli) - A static analysis engine.
* [Unused-scanner](https://github.com/Insolita/unused-scanner.git) - Detect unused composer dependencies
* [WAP](https://www.owasp.org/index.php/OWASP_WAP-Web_Application_Protection) - Tool to detect and correct input validation vulnerabilities in PHP (4.0 or higher) web applications and predicts false positives.
* [WAP](https://www.owasp.org/index.php/OWASP_WAP-Web_Application_Protection) - Tool to detect and correct input validation vulnerabilities in PHP (4.0 or higher) web applications and predicts false positives.
* [Vulert](vulert.com) - Vulert secures software by detecting vulnerabilities in open-source dependencies—without accessing your code. It supports PHP, Java, Python, and more.
* [PHP VarDump Check](https://github.com/php-parallel-lint/PHP-Var-Dump-Check) - PHP console application for finding forgotten variable dump.
* [17eyes](https://github.com/17eyes/17eyes) - PHP static analyzer written in Haskell.
* [CakeFuzzer](https://zigrin.com/tools/cake-fuzzer) - Ultimate web application security testing tool for CakePHP based web applications.
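
Review bot: The link target in the added Vulert line, `[Vulert](vulert.com)`, has no scheme, so Markdown resolves it as a relative path inside the repository instead of the external site; use `https://vulert.com`, consistent with the `https://vulert.com/abom` URL in the Abom entry. The WAP line is removed and re-added with no visible text change, which looks like a whitespace-only edit and should be reverted so the diff contains only the new entry. This entry also overlaps the Abom entry from the first hunk, so one listing for the vendor is enough, and the description would match the rest of the list better as a single factual sentence without "It supports PHP, Java, Python, and more."
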