PHP security scanners
iniscan (PHP configuration scanner)
configuration audit, security assessment
Iniscan scans a given php.ini file and tests it against security best practices. It reports back the results by showing a Pass or Fail for each related test. As it is a command-line utility, it can be used in automated testing.
Parse (PHP security scanner)
code analysis, security assessment
Writing insecure code is often easier than one might expect. A tool like Parse can perform a security analysis on PHP code.
Missing a favorite tool in this list? Share a tool suggestion and we will review it.