Custom PHP static analysis helper tool.
It prints 'dangerous' lines that call functions listed in 'functions.txt' or, alternatively, lines containing a specific string or regex.
git clone https://github.com/hansmach1ne/pvulnz
cd pvulnz/
pDir=$(pwd)
echo -e -n "\nalias pvulnz=\"python3 $pDir/pvulnz.py\"" >> ~/.bashrc
source ~/.bashrc
pip3 install -r requirements.txt
pvulnz -h
usage: pvulnz.py [-a <function>] [-d <function>] [-m] [-ms <string>] [-mr <regex>] [-r] [-h] [files ...]
pvulnz, PHP static analysis helper tool
positional arguments:
file(s) Specify php file(s) to look at, '*' for all.
optional arguments:
-a <function> Specify function name to add to the functions file
-d <function> Specify function name to delete from the functions file
-m Turn on match mode, while in this mode, 'functions.txt' is ignored
-ms <string> Specify string to match from parsed files.
-mr <regex> Specify regex string to match from parsed files.
-r, --recursive Look recursively from current directory.
-h, --help Show this help message and exit.
pvulnz -m -mr "echo.*\_REQUEST"
The image above shows many lines with possible XSS; these can be a good starting point for research.
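What the match-mode regex above flags and what it misses, as an added example that is not pvulnz's own code: a standalone Python sketch that applies the same pattern, assumed here to be matched line by line, to a constructed PHP snippet. The `scan` and `triage` helpers and the sample are hypothetical names and data introduced for illustration.

```python
import re

# Regex taken from the command above; in Python's re module "\_" matches a literal "_".
PATTERN = re.compile(r"echo.*\_REQUEST")

# Constructed PHP sample (not from any real project).
SAMPLE_PHP = """<?php
echo "Hello " . $_REQUEST['name'];
echo htmlspecialchars($_REQUEST['name'], ENT_QUOTES, 'UTF-8');
$q = $_REQUEST['q'];
echo "Results for " . $q;
// echo $_REQUEST['debug'];
print $_REQUEST['id'];
?>
"""

def scan(source, pattern=PATTERN):
    """Return (line_number, stripped_line) for every line the regex matches."""
    return [(n, line.strip())
            for n, line in enumerate(source.splitlines(), start=1)
            if pattern.search(line)]

def triage(hits):
    """Hypothetical helper: label each hit so a reviewer knows where to look first."""
    labelled = []
    for n, line in hits:
        if line.startswith(("//", "#", "*")):
            label = "comment"      # commented-out code, not executed
        elif re.search(r"htmlspecialchars|htmlentities", line):
            label = "escaped"      # output encoding present, check the context
        else:
            label = "review"       # request data echoed as-is
        labelled.append((n, label, line))
    return labelled

if __name__ == "__main__":
    for n, label, line in triage(scan(SAMPLE_PHP)):
        print(f"{n:>3} [{label:7}] {line}")
```

Lines 4-5 and 7 of the sample are not reported: the request value reaches `echo` through a variable, or is written with `print`, so a single-line regex never sees it. Treat the matches as a starting list and follow the data flow by hand.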