What are the free hand-built PHP vulnerability scanners?

V

Vadim2021-10-07 11:56:47

PHP

Vadim, 2021-10-07 11:56:47

There is a php application that is built manually, without using a package manager ... I didn’t work with a php backend before, and in this regard, 2 questions:

1) Probably, even if built manually, these packages will still be written in a separate file and in which one?
2) Is there any free application - a php package vulnerability scanner that will work without the use of composer and his friends?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

S

Stalker_RED, 2021-10-07
@Viji

These "packages" from the composer are just folders with files that contain conposer.json files with meta-information, such as listing dependencies.
When building manually, no one bothers to just download zip archives with all this from github (or any other sources) and add your autoloader.
Or without an autoloader at all, stuff require_once in the right places, as in the days of php4.
And then there will be no separate file with dependencies.
Therefore, it is difficult to imagine how a security scanner will scan packages without a composer, despite the fact that the packages themselves are a virtual entity that is created by the composer itself.