---
title: 'Secu tools'
media_order: _1secu-pet-ban.jpg
published: true
private: false
date: '03:22 17-03-2018'
taxonomy:
    category:
        - blog
    tag:
        - list
        - tools
        - secu
process:
    twig: true
    markdown: false
twig_first: true
debugger: true
hero_classes: ' parallax text-light title-h1h2'
hero_image: _1secu-pet-ban.jpg
blog_url: /articles
show_sidebar: true
show_breadcrumbs: true
show_pagination: true
feed:
    limit: 10
creator: erreur32
content:
    items: '- ''@self.children'''
    limit: '5'
    order:
        by: date
        dir: desc
    pagination: '1'
    url_taxonomy_filters: '1'
textformatter: true
---

<div id="rssbox">
<h1 id="mcetoc_1c8prgno00">list of usefull tools</h1>
 
<h2 id="mcetoc_1c8pvghj60">&nbsp;03/17/2018</h2>
 
[TOC]

<hr />
<h2 id="mcetoc_1c8prahgs2"><a href="https://github.com/Neo23x0/Loki">Loki</a></h2>
<p>Simple IOC Scanner<br /> Scanner for Simple Indicators of Compromise</p>
<h2 id="mcetoc_1c8pqo9og2"><a href="https://github.com/Te-k/phpscanner">phpscanner</a></h2>
<p>PHP scanner written in Python for identifying PHP backdoors and php malicious code. This tool is mainly reusing below mentioned tools. To use this tool, you need to install yara library for Python from the source.</p>
<h2 id="mcetoc_1c8pqo9og3"><a href="https://github.com/nbs-system/php-malware-finder/">php-malware-finder</a></h2>
<p>Does its very best to detect obfuscated/dodgy code as well as files using PHP functions often used in malwares/webshells. Detection is performed by crawling the filesystem and testing files against a set of YARA rules.</p>
<h2 id="mcetoc_1c8pqo9og4"><a href="https://github.com/planet-work/php-malware-scanner/">php-malware-scanner</a></h2>
<p>Scans the current working directory and display results with the score greater than the given value. Released under the MIT license.</p>
<h2 id="mcetoc_1c8pqo9og5"><a href="https://scovetta.github.io/yasca/">Yasca</a> (GitHub)</h2>
<p>an open source program which looks for security vulnerabilities, code-quality, performance, and conformance.</p>
<h2 id="mcetoc_1c8pqo9og6"><a href="https://www.acunetix.com/">acunetix</a></h2>
<p id="mcetoc_1c8prhgp62">Web Security Scanner</p>
<p>Acunetix WVS automatically checks your web applications for SQL Injection, XSS &amp; other web vulnerabilities.</p>
<h2 id="mcetoc_1c8pqo9og7"><a href="https://rips-scanner.sourceforge.net/">RIPS</a></h2>
<p>A static source code analyser for vulnerabilities in PHP .scripts</p>
<h2 id="mcetoc_1c8pqo9og8"><a href="https://cirt.net/nikto2">nikto2</a></h2>
<p>an open source web server scanner which performs comprehensive tests against web servers for multiple items, including potentially dangerous files/program.</p>
<p>ClamAV extension for PHP (php-clamav) - a fork of the php-clamavlib project allows to incorporate virus scanning features in your PHP scripts.</p>
<p id="mcetoc_1c8pqo9og9">Older projects: <strong>securityscanner, phpsecaudit</strong>.</p>
<p>&nbsp;</p>
 
<p>Check also the following security websites:</p>
<h2 id="mcetoc_1c8pqo9oga"><a href="https://sectools.org/">sectools.org</a></h2>
<h2 id="mcetoc_1c8pvb05i1"><a href="https://phpsec.org/">phpsec.org</a></h2>
<p id="mcetoc_1c8prhev41">PHP Security Consortium</p>
Founded in January 2005, the PHP Security Consortium (PHPSC) is an international group of PHP experts dedicated to promoting secure programming practices within the PHP community. Members of the PHPSC seek to educate PHP developers about security through a variety of resources, including documentation, tools, and standards.
 </div>