Analysis tools logo
No results for 'undefined'
Search powered by Algolia

Best 88 PHP static analysis tools

6

CodeScene

CodeScene prioritizes technical debt, finds social patterns and identifies hidden risks in your code.

2

PHP Architecture Tester

Easy to use architecture testing tool for PHP.

1

Atom-Beautify

Beautify HTML, CSS, JavaScript, PHP, Python, Ruby, Java, C, C++, C#, Objective-C, CoffeeScript, TypeScript, Coldfusion, SQL, and more in Atom editor.

1

Depends

Analyses the comprehensive dependencies of code elements for Java, C/C++, Ruby.

1

phan

A modern static analyzer from etsy.

1

PHP Coding Standards Fixer

Fixes your code according to standards like PSR-1, PSR-2, and the Symfony standard.

1

SensioLabs Insight

Detect security risks, find bugs and provide actionable metrics for PHP projects.

0

AppChecker

Static analysis for C/C++/C#, PHP and Java.

0

Application Inspector

Commercial Static Code Analysis which generates exploits to verify vulnerabilities.

0

ApplicationInspector

Creates reports of over 400 rule patterns for feature detection (e.g. the use of cryptography or version control in apps).

0

APPscreener

Static code analysis for binary and source code - Java/Scala, PHP, Javascript, C#, PL/SQL, Python, T-SQL, C/C++, ObjectiveC/Swift, Visual Basic 6.0, Ruby, Delphi, ABAP, HTML5 and Solidity.

0

Axivion Bauhaus Suite

Tracks down error-prone code locations, style violations, cloned or dead code, cyclic dependencies and more for C/C++, C#/.NET, Java and Ada 83/Ada 95.

0

CAST Highlight

Commercial Static Code Analysis which runs locally, but uploads the results to its cloud for presentation.

0

churn-php

Helps discover good candidates for refactoring.

0

Codeac

Automated code review tool integrates with GitHub, Bitbucket and GitLab (even self-hosted). Available for JavaScript, TypeScript, Python, Ruby, Go, PHP, Java, Docker, and more. (open-source free)

0

codeburner

Provides a unified interface to sort and act on the issues it finds.

0

CodeFactor

Static Code Analysis for C#, C, C++, CoffeeScript, CSS, Groovy, GO, JAVA, JavaScript, Less, Python, Ruby, Scala, SCSS, TypeScript.

0

CodePatrol

Automated SAST code reviews driven by security, supports 15+ languages and includes security training.

0

Coverity

Synopsys Coverity supports 20 languages and over 70 frameworks including Ruby on rails, Scala, PHP, Python, JavaScript, TypeScript, Java, Fortran, C, C++, C#, VB.NET.

0

dephpend

Dependency analysis tool.

0

deprecation-detector

Finds usages of deprecated (Symfony) code.

0

DesignPatternDetector

Detection of design patterns in PHP code.

0

DevSkim

Regex-based static analysis tool for Visual Studio, VS Code, and Sublime Text - C/C++, C#, PHP, ASP, Python, Ruby, Java, and others.

0

EasyCodingStandard

Combine [PHP_CodeSniffer](https://github.com/squizlabs/PHP_CodeSniffer) and [PHP-CS-Fixer](https://github.com/FriendsOfPHP/PHP-CS-Fixer).

0

exakat

An automated code reviewing engine for PHP.

0

Fortify

A commercial static analysis platform that supports the scanning of C/C++, C#, VB.NET, VB6, ABAP/BSP, ActionScript, Apex, ASP.NET, Classic ASP, VB Script, Cobol, ColdFusion, HTML, Java, JS, JSP, MXML/Flex, Objective-C, PHP, PL/SQL, T-SQL, Python (2.6, 2.7), Ruby (1.9.3), Swift, Scala, VB, and XML.

0

ShiftLeft Scan

Scan is a free open-source DevSecOps platform for detecting security issues in source code and dependencies. It supports a broad range of languages and CI/CD pipelines.

0

Goodcheck

Regexp based customizable linter.

0

graudit

Grep rough audit - source code auditing tool.

0

GrumPHP

Checks code on every commit.

0

Kiuwan

Identify and remediate cyber threats in a blazingly fast, collaborative environment, with seamless integration in your SDLC. Python, C\C++, Java, C#, PHP and more.

0

Mondrian

A set of static analysis and refactoring tools which use graph theory.

0

parallel-lint

This tool checks syntax of PHP files faster than serial check with a fancier output.

0

Parse

A Static Security Scanner.

0

pdepend

Calculates software metrics like cyclomatic complexity for PHP code.

0

pfff

Facebook's tools for code analysis, visualizations, or style-preserving source transformation for many languages.

0

PHP Assumptions

Checks for weak assumptions.

0

PHP Insights

Instant PHP quality checks from your console. Analysis of code quality and coding style as well as overview of code architecture and its complexity.

0

Php Inspections (EA Extended)

A Static Code Analyzer for PHP.

0

PHP Refactoring Browser

Refactoring helper.

0

PHP Semantic Versioning Checker

Suggests a next version according to semantic versioning.

0

PHP-Parser

A PHP parser written in PHP.

0

PHP-Token-Reflection

Library emulating the PHP internal reflection.

0

php7cc

PHP 7 Compatibility Checker.

0

php7mar

Assist developers in porting their code quickly to PHP 7.

0

PHP_CodeSniffer

Detects violations of a defined set of coding standards.

0

phpca

Finds usage of non-built-in extensions.

0

phpcf

Finds usage of deprecated PHP features.

0

phpcpd

Copy/Paste Detector for PHP code.

0

phpdcd

Dead Code Detector (DCD) for PHP code.

0

PhpDependencyAnalysis

Builds a dependency graph for a project.

0

phpdoc-to-typehint

Add scalar type hints and return types to existing PHP projects using PHPDoc annotations.

0

phpDocumentor

Analyzes PHP source code to generate documentation.

0

phploc

A tool for quickly measuring the size and analyzing the structure of a PHP project.

0

PHPMD

Finds possible bugs in your code.

0

PhpMetrics

Calculates and visualizes various code quality metrics.

0

phpmnd

Helps to detect magic numbers.

0

PHPQA

A tool for running QA tools (phploc, phpcpd, phpcs, pdepend, phpmd, phpmetrics).

0

phpqa - jakzal

Many tools for PHP static analysis in one container.

0

phpqa - jmolivas

PHPQA all-in-one Analyzer CLI tool.

0

phpsa

Static analysis tool for PHP.

0

php-speller

PHP spell check library.

0

PHPStan

PHP Static Analysis Tool - discover bugs in your code without running it!

0

pre-commit

A framework for managing and maintaining multi-language pre-commit hooks.

0

Progpilot

A static analysis tool for security purposes.

0

Pronto

Quick automated code review of your changes. Supports more than 40 runners for various languages, including Clang, Elixir, JavaScript, PHP, Ruby and more.

0

Psalm

Static analysis tool for finding type errors in PHP applications.

0

PT.PM

An engine for searching patterns in the source code, based on Unified AST or UST. At present time C#, Java, PHP, PL/SQL, T-SQL, and JavaScript are supported. Patterns can be described within the code or using a DSL.

0

Qafoo Quality Analyzer

Visualizes metrics and source code.

0

RIPS

A static source code analyser for vulnerabilities in PHP scripts.

0

Security Code Scan

Security code analyzer for C# and VB.NET. Detects various security vulnerability patterns: SQLi, XSS, CSRF, XXE, Open Redirect, etc. Integrates into Visual Studio 2015 and newer. Detects various security vulnerability patterns: SQLi, XSS, CSRF, XXE, Open Redirect, etc.

0

Semmle QL and LGTM

Find security vulnerabilities, variants, and critical code quality issues using queries over source code. Automatic PR code review; free for public GitHub/Bitbucket repo: [LGTM.com](https://LGTM.com).

0

shipshape

Static program analysis platform that allows custom analyzers to plug in through a common interface.

0

SmartDec Scanner

SAST tool which is capable of identifying vulnerabilities and undocumented features. The analyzer scans the source code and executables without debug info (i.e. binaries). Supports: Java/Scala/Kotlin, PHP, C#, JavaScript, TypeScript, VBScript, HTML5, Python, Perl, C/C++, Objective-C/Swift, PL/SQL, T-SQL, ABAP, 1C, Apex, Go, Ruby, Groovy, Delphi, VBA, Visual Basic 6, Solidity, Vyper, COBOL.

0

Snyk

Vulnerability scanner for dependencies of node.js apps (free for Open Source Projects).

0

SonarQube

SonarQube is an open platform to manage code quality.

0

Synopsys

A commercial static analysis platform that allows for scanning of multiple languages (C/C++, Android, C#, Java, JS, PHP, Python, Node.JS, Ruby, Fortran, and Swift).

0

Tuli

A static analysis engine.

0

twig-lint

twig-lint is a lint tool for your twig files.

0

Undebt

Language-independent tool for massive, automatic, programmable refactoring based on simple pattern definitions.

0

Unibeautify

Universal code beautifier with a GitHub app. Supports HTML, CSS, JavaScript, TypeScript, JSX, Vue, C++, Go, Objective-C, Java, Python, PHP, GraphQL, Markdown, and more.

0

Upsource

Code review tool with static code analysis and code-aware navigation for Java, PHP, JavaScript and Kotlin.

0

Veracode

Find flaws in binaries and bytecode without requiring source. Support all major programming languages: Java, .NET, JavaScript, Swift, Objective-C, C, C++ and more.

0

WAP

Tool to detect and correct input validation vulnerabilities in PHP (4.0 or higher) web applications and predicts false positives by combining static analysis and data mining.

0

WhiteHat Application Security Platform

WhiteHat Scout (for Developers) combined with WhiteHat Sentinel Source (for Operations) supporting WhiteHat Top 40 and OWASP Top 10.

-1

deptrac

Enforce rules for dependencies between software layers.

❤️ Sponsor this project

We are currently looking for partners who want to sponsor hosting and development of the project.

Check out our Github Sponsors page here

Missing an entry? Please let us know.

© analysis-tools.dev