The Wayback Machine - https://web.archive.org/web/20231118131614/http://github.com/swisskyrepo/Vulny-Code-Static-Analysis

swisskyrepo/Vulny-Code-Static-Analysis


VulnyCode - PHP Code Static Analysis - Deprecated

1.0.0 Python Platform

⚠️ Deprecated: you should use semgrep rules instead of this script:

    semgrep --config=./semgrep/ vulns/*.php

Most of the semgrep rules provided in this repository are from https://github.com/returntocorp/semgrep-rules

Basic script to detect vulnerabilities in PHP source code. It uses regular expressions to find sinks.

# HELP
╭─ 👻 swissky@crashlab: ~/Github/PHP_Code_Static_Analysis  ‹master*›
╰─$ python3 index.py           
usage: index.py [-h] [--dir DIR] [--plain]

optional arguments:
  -h, --help  show this help message and exit
  --dir DIR   Directory to analyse
  --plain     No color in output

# Example
╭─ 👻 swissky@crashlab: ~/Github/PHP_Code_Static_Analysis  ‹master*›
╰─$ python3 index.py --dir vulns    
------------------------------------------------------------
Analyzing 'vulns' source code
------------------------------------------------------------
Potential vulnerability found : File Inclusion
Line 19 in vulns/include.php
Code : include($_GET['patisserie'])
------------------------------------------------------------
Potential vulnerability found : Insecure E-mail
Line 2 in vulns/mail.php
Code : mail($dest, "subject", "message", "", "-f" . $_GET['from'])
Declared at line 1 : $dest = $_GET['who'];
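
How a regex-based sink search produces findings like the two above, including the "Declared at line" backtrace, can be shown in a few lines of Python. This is an added example, not code from this repository: the regular expressions, the list of superglobals treated as user input, and the names scan and tainted_declaration are assumptions, and the PHP fragments are constructed.

```python
import re

# Assumed patterns for illustration; the project's own regexes are not shown on this page.
SOURCE = re.compile(r"\$_(?:GET|POST|COOKIE|REQUEST|FILES|SERVER)\b")
VARIABLE = re.compile(r"\$[A-Za-z_]\w*")
RULES = [
    ("File Inclusion", re.compile(r"\b(?:include|require)(?:_once)?\s*\((.*)\)")),
    ("Insecure E-mail", re.compile(r"\bmail\s*\((.*)\)")),
]

# Constructed PHP fragments modelled on the two findings in the example output.
INCLUDE_PHP = "<?php\ninclude($_GET['patisserie']);\n"
MAIL_PHP = '''$dest = $_GET['who'];
mail($dest, "subject", "message", "", "-f" . $_GET['from']);
'''


def tainted_declaration(var, earlier):
    """Return (line_no, text) if the latest earlier assignment of var reads user input."""
    assign = re.compile(re.escape(var) + r"\s*=(?!=)(.*)")
    for no in range(len(earlier), 0, -1):
        m = assign.search(earlier[no - 1])
        if m:  # the most recent assignment decides; older ones are overwritten
            return (no, earlier[no - 1].strip()) if SOURCE.search(m.group(1)) else None
    return None


def scan(path, code):
    """Flag sink calls whose arguments hold user input directly or via a variable."""
    lines, findings = code.splitlines(), []
    for no, line in enumerate(lines, 1):
        for name, sink in RULES:
            m = sink.search(line)
            if not m:
                continue
            args = m.group(1)
            local_vars = [v for v in dict.fromkeys(VARIABLE.findall(args))
                          if not SOURCE.fullmatch(v)]
            declared = [d for v in local_vars
                        if (d := tainted_declaration(v, lines[:no - 1]))]
            if SOURCE.search(args) or declared:
                findings.append({"type": name, "file": path, "line": no,
                                 "code": m.group(0), "declared": declared})
    return findings


if __name__ == "__main__":
    for f in scan("vulns/include.php", INCLUDE_PHP) + scan("vulns/mail.php", MAIL_PHP):
        print(f"Potential vulnerability found : {f['type']}")
        print(f"Line {f['line']} in {f['file']}\nCode : {f['code']}")
        for no, text in f["declared"]:
            print(f"Declared at line {no} : {text}")
```

Because this example matches one line at a time, a sink call split across several lines, or input that passes through a function before reaching the sink, is not modelled.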

Currently detecting :

  • Arbitrary Cookie
  • Arbitrary File Deletion
  • Arbitrary Variable Overwrite
  • Cross Site Scripting
  • File Inclusion
  • File Inclusion / Path Traversal
  • File Upload
  • Header Injection
  • Information Leak
  • Insecure E-mail
  • Insecure Weak Random
  • LDAP Injection
  • PHP Object Injection
  • Remote Code Execution
  • Remote Command Execution
  • Server Side Request Forgery
  • Server Side Template Injection
  • SQL Injection
  • URL Redirection
  • Weak Cryptographic Hash
  • XML external entity
  • XPATH Injection
  • Hardcoded credentials
  • High Entropy string

If you want to export each vulnerability type into a folder, use the "export.sh" script.

Don't forget to read the license ;)

Alternatives