PHP security scanners

Writing insecure code is often easier than one might expect. A tool like Parse can perform a security analysis on PHP code.

Iniscan scans a given php.ini file and tests it against security best practices. It reports back the results by showing a Pass or Fail for each related test. As it is a command-line utility, it can be used in automated testing.

This tool helps with the detection of security issues in your PHP configuration. This is useful for web hosters, developers, and application owners to test their configuration for common weaknesses.