php-malware-finder
local-php-security-checker
php-malware-finder | local-php-security-checker | |
---|---|---|
3 | 5 | |
269 | 1,148 | |
0.0% | - | |
1.8 | 2.9 | |
about 2 years ago | 13 days ago | |
PHP | Go | |
GNU Lesser General Public License v3.0 only | GNU Affero General Public License v3.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
php-malware-finder
-
Scan for vulnerabilities?
Also if you are running PHP, then https://github.com/nbs-system/php-malware-finder. They detected stuff (consequences of WordPress compromise, obfuscated webshells) that ClamAV doesn't complain about.
-
Scanners for known PHP exploits and exploit signatures
PMF
- Laravel QR Code Generator Infected with Malware
local-php-security-checker
-
What are some helpful tools every Laravel CI pipeline should have?
test -d local-php-security-checker || curl -L https://github.com/fabpot/local-php-security-checker/releases/download/v1.2.0/local-php-security-checker_1.2.0_linux_amd64 --output local-php-security-checker chmod +x local-php-security-checker ./local-php-security-checker
-
Unknown error running php bin/console security:check
The best alternative to use now is to download a local-security-checker binary (https://github.com/fabpot/local-php-security-checker/releases), saving it in the bin folder, and running that binary (via bin/local-php-security-checker).
-
PHP libraries and tools
Local PHP Security Checker: PHP security vulnerabilities checker
-
Laravel QR Code Generator Infected with Malware
It looks like they utilize this repo for advisories: https://github.com/FriendsOfPHP/security-advisories/ -- via https://symfony.com/blog/the-php-security-checker-as-a-docker-image
-
Why does validating a user require 14000 files?
https://github.com/fabpot/local-php-security-checker
I agree, composer is not perfect, but before it was worse.
What are some alternatives?
php-malware-scanner - Scans PHP files for malwares and known threats
SecurityAdvisories - :closed_lock_with_key: Security advisories as a simple composer exclusion list, updated daily
vuls - Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Spout - Read and write spreadsheet files (CSV, XLSX and ODS), in a fast and scalable way
clamav - ClamAV - Documentation is here: https://docs.clamav.net
ComposerRequireChecker - A CLI tool to check whether a specific composer package uses imported symbols that aren't part of its direct composer dependencies
Awesome-Linux-Software - 🐧 A list of awesome Linux softwares
GrumPHP - A PHP code-quality tool
google-api-php-client-services
google-api-php-client - A PHP client library for accessing Google APIs
churn-php - Discover files in need of refactoring.