PHP static code analysis tool that follows includes (framework compatible)

Asked Sep 29 '18 at 02:45

Active Sep 29 '18 at 02:45

Viewed 82 times

I have been looking for a PHP taint analysis tool, or a PHP parser that can include files within its analysis.

For example:

include "asdf.php"

//this is a function defined in asdf.php
echo test($_GET["test"]);

The tool should include asdf.php into the analysis. Has anyone seen such a tool, or is this just a big gap?

So far, the best parser I have seen is https://github.com/nikic/PHP-Parser , which I have considered writing something to do the above. Any help would be appreciated!

asked Sep 29 '18 at 02:45

James Edwards

Are you looking only for free tools or paid ones are also possible? – yaloner Oct 01 '18 at 12:05
Free tools would be better as it is for research. – James Edwards Oct 05 '18 at 13:43

PHP static code analysis tool that follows includes (framework compatible)

0 Answers0