I've been coding for over 20 years now! (WOAH, do I feel old)
I've touched just about every resource imaginable under the Sun (too bad they were bought out by Oracle)
There are some other utilities I would consider, too. Even if a tool isn't labeled as "security", it may still significantly help on this front.
For static code analysis, I use PHAN.
To prevent SQL injection and to help audit my code bases, I wrote PUDL (PHP Universal Database Library). This library acts as an extremely powerful SQL query generator. Since I never even touch SQL at the application layer anymore, it is one less major thing to worry about. - github.com/darkain/pudl
Thanks for sharing, Vincent.
I was looking into PHAN, and while it's a great tool, I don't see it helping with security issues.
I'm a strong believer in targeted awesome lists and as such decided to leave PHAN out of it.
However, there are also great lists that give a broader picture of awesome PHP resources, such as github.com/ziadoz/awesome-php.
Nice work on PUDL. Have you considered adding it to the awesome-php list?