phpvuln is an open source OWASP penetration testing tool written in Python 3, that can speed up the the process of finding common PHP vulnerabilities in PHP code, i.e. command injection, local/remote file inclusion and SQL injection.
You can download phpvuln by cloning the Git repository:
git clone https://github.com/ecriminal/phpvuln.git
Install the required PIP packages:
python -m pip install -r requirements.txt
To get the list of all options use:
python phpvuln.py -h
I’m currently looking for contributors to help improve phpvuln. Contact me on Discord, if you’re interested 🙂