PHP Asking for your feedback on a PHP code security scanner in beta

phpio

New Coder
Hi, I'm Theo! Just to preface this for the mods: this is not an ad nor is this a commercial project -- a small team of devs (myself included) has recently finished working on a PHP code security scanner and we are humbly asking for your feedback.

We have already been told that integration with GitHub and GitLab would be great so that's what we have made possible in the last couple of days! Also, it would be great if you guys tested bits of code cause literally like 15 min ago someone helped us find a bug in the scanner.

Please spare maybe 5-10 min and a page or two of PHP code and tell us your feedback/what to improve/which features you'd like to see added? That would help us so much!

Here's the link to the scanner 🙂

Thanks for reading! Cheers 😎
 
Hi.

Neat project you have there. I'm a bit surprised that you picked PHP, which I think is a language that is used less all the time. I might be wrong though.
Any ideas to turn this to scan JavaScript?

I gave this a few short codes to check out. Seems a valid scanner on that basis.

My codes were just like max few tens of rounds and it took some seconds to scan.
 
Hi there,
Quick question: United Global Remit...that is your team, correct?
 
Hey! Thanks so much for your feedback, mate :blush:

Your concerns are absolutely valid. We are planning to add the option of scanning javascripts! The project is young and fresh, so there're definitely more features in the works for the future.

Although for the beginning stage we've decided on PHP, since from our personal years of experience in making websites, the PHP language was used way more often compared to others. So we'd developed a great competence working with it. Moreover, PHP is used by 76.6% of all the websites whose server-side programming language we know - Usage Statistics and Market Share of Server-side Programming Languages for Websites, November 2023

The Company in Four Years Will Be…
Trusted and relevant. The go-to PHP code vulnerability scanner as its accuracy and simultaneous simplicity in use are unmatched. A truly multilingual app that works with over 30 programming languages. Online and offline functionality, local depository scheduled checks, sandpit code runner. Detail-oriented to the max, the borsoi of code vulnerabilities hunt.

Btw, any other suggestions are also most welcomed, I'll be happy to pass them on to my team, if you have any :geek:
 
You are absolutely right that PHP is dominant on back ends at servers. And most likely will be so for years. But other languages are gaining popularity in that area. So when you have this neat system, extending it to cover future languages as well is something to consider.

Good luck with this one. Always cool to see new great projects popping up and you clearly know what you are doing instead of just dreaming of it.
 
Great news! You asked - we delivered! When we first started, scanning your project required you to click the Scan button and upload your code. You could package your project and upload it as one archive file, or upload up to 15 individual PHP files.

Our users asked us to add integrations with GitHub and GitLab to allow automated secure code checks to your CI/CD pipeline. Voila - now you can connect PHP Secure to your repository and run automated scans directly in your workflow!

Adding secure code checks to your existing workflow is easy. We have included all the step-by-step instructions to make it simple. Just follow the instructions carefully to set it up without a hitch.

Once connected, every time it is deployed, PHP Secure will check your project for vulnerabilities. Whenever new vulnerabilities are found, you'll be notified. You can view your scan results in your PHP Secure account.

Keep your applications secure and prevent deployment of vulnerable applications or components (registries) by adding PHP Secure to the build as a step in the pipeline.

What do you think of this new feature?

We strive to be on the cutting edge and offer you a superior product for years to come! Do you have any suggestions for improvement?
 
