PHP vulnerability scanner written in C#. Why C#? Because! That's why!
Requirements
.NET 4.5 or Mono 3.12.0-1
PHP >= 5.3
Good intentions
Getting it running
1. Download project
2. Install Composer (for the PHP parser)
   2.1. From the PHPAnalysis-parser folder run: composer update
   2.2. Make sure all dependencies are correctly installed.
3. Fix the config.yml
4. Run the application
Getting it running on Ubuntu 16.04
1. Install PHP: sudo apt install php7.0-cli
2. Make sure you have the XML library: sudo apt install php-xml
3. Install PHPAnalysis-parser dependencies with Composer: composer install, then composer update
4. Restore NuGet packages for PHPAnalysis solution: nuget restore
5. Build solution: msbuild ./PHPAnalysis.sln
6. Update the config.yml file with correct settings
7. Remember to reference the FileWriter and/or the WordPress dll files if needed
8. Run the analysis: mono PHPAnalysis.exe --all --target ./myPhpFile.php
Errors
A list of possible errors you might experience while setting up/using this application and possible ways to mitigate them.
"Parser error: Syntax error, unexpected EOF on line xx"
(PHP project/parser throws this error)
Make sure that there are no syntax errors in your PHP code. This scanner does not handle syntax errors very well.
If the syntax is correct, try updating to the newest version of PHP.
CONFIGURATION ERROR
Make sure the configuration file (config.yml) is present and has the correct format. It should look like the config-template.yml file.
Standard rules for YAML files apply.
Common error:
Using tabs instead of spaces. Indentation should be done using spaces.
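A preflight check for the requirements and the tab-indentation error described above, as an added example that is not part of the project. The function names are hypothetical, and it assumes php, mono and composer are expected on PATH and that the config file path is passed in.

```shell
#!/bin/sh
# Added example: preflight checks before running PHPAnalysis.
# Function names are hypothetical; they are not part of the project.

# version_ge A B: succeed when dotted version A >= B (numeric compare).
version_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        max = (n > m) ? n : m
        for (i = 1; i <= max; i++) {
            p = x[i] + 0; q = y[i] + 0
            if (p != q) exit !(p > q)
        }
        exit 0
    }'
}

# tab_indented_lines FILE: print comma-separated numbers of lines whose
# indentation contains a tab, which YAML does not allow.
tab_indented_lines() {
    awk '/^ *\t/ { printf "%s%d", sep, NR; sep = "," }' "$1"
}

# preflight CONFIG: report every failed requirement, return non-zero if any.
preflight() {
    cfg="${1:-config.yml}"; fail=0
    for tool in php mono composer; do
        command -v "$tool" >/dev/null 2>&1 || { echo "missing: $tool"; fail=1; }
    done
    if command -v php >/dev/null 2>&1; then
        v=$(php -r 'echo PHP_MAJOR_VERSION, ".", PHP_MINOR_VERSION;')
        version_ge "$v" 5.3 || { echo "PHP $v is older than 5.3"; fail=1; }
        php -m | grep -qix 'xml' || { echo "PHP xml extension missing"; fail=1; }
    fi
    if [ ! -f "$cfg" ]; then
        echo "config not found: $cfg"; fail=1
    else
        bad=$(tab_indented_lines "$cfg")
        [ -z "$bad" ] || { echo "tab indentation in $cfg, line(s): $bad"; fail=1; }
    fi
    return "$fail"
}

# Run the checks only when asked, e.g.: sh preflight.sh --check config.yml
if [ "${1:-}" = "--check" ]; then preflight "${2:-config.yml}"; fi
```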