Leader badge

RIPS is a static code analysis tool for the automated detection of security vulnerabilities in PHP applications. It was released 2010 during the Month of PHP Security (www.php-security.org).

NOTE: RIPS 0.5 development is abandoned. A complete rewrite with OOP support and higher precision is available at https://www.ripstech.com/next-generation/

Features

  • detect XSS, SQLi, File disclosure, LFI/RFI, RCE vulnerabilities and more
  • 5 verbosity levels for debugging your scan results
  • mark vulnerable lines in source code viewer
  • highlight variables in the code viewer
  • user-defined function code by mouse-over on detected call
  • active jumping between function declaration and calls
  • list of all user-defined functions (defines and calls), program entry points (user input) and scanned files (with includes) connected to the source code viewer
  • graph visualization for files and includes as well as functions and calls
  • create CURL exploits for detected vulnerabilties with few clicks
  • visualization, description, example, PoC, patch and securing function list for every vulnerability
  • 7 different syntax highlighting colour schemata
  • display scan result in form of a top-down flow or bottom-up trace
  • only minimal requirement is a local webserver with PHP and a browser (tested with Firefox)
  • regex search function

Project Samples

Files Graph Code Viewer with highlighting Exploit Creator and verbosity levels Functions Graph Scan Statistik windows and vulnerability types

Project Activity

See All Activity >

Categories

Security, Static Code Analysis

License

GNU General Public License version 3.0 (GPLv3)

Follow RIPS - PHP Security Analysis

RIPS - PHP Security Analysis Web Site

You Might Also Like
RMM Software | Remote Monitoring Platform and Tools Icon
RMM Software | Remote Monitoring Platform and Tools

Best-in-class automation, scalability, and single-pane IT management.

Don’t settle when it comes to managing your clients’ IT infrastructure. Exceed their expectations with ConnectWise RMM, our MSP RMM software that provides proactive tools and NOC services—regardless of device environment. With the number of new vulnerabilities rising each year, smart patching procedures have never been more important. We automatically test and deploy patches when they are viable and restrict patches that are harmful. Get better protection for clients while you spend less time managing endpoints and more time growing your business. It’s tough to locate, afford, and retain quality talent. In fact, 81% of IT leaders say it’s hard to find the recruits they need. Add ConnectWise RMM, NOC services and get the expertise and problem resolution you need to become the advisor your clients demand—without adding headcount.
Learn More
Rate This Project
Login To Rate This Project

User Ratings

4.3 out of 5 stars
★★★★★
★★★★
★★★
★★
10
0
0
0
2
ease 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 5 / 5
features 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 3 / 5
design 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 4 / 5
support 1 of 5 2 of 5 3 of 5 4 of 5 5 of 5 5 / 5

User Reviews

Filter Reviews:
★★★★★
  • devloop Posted 2020-03-04
    Great tool to audit PHP code
  • delphiprog Edited 2014-04-30
    It does the job and it is very fast ! Excellent software.
  • tfileme Posted 2013-05-26
    Rips-scanner works excellent.
    1 user found this review helpful.
  • alexvinnox Posted 2013-03-06
    Goog job, TNX!
    1 user found this review helpful.
  • silttor Posted 2012-10-20
    Just what I need. job for me perfectly!
Read more reviews >

Additional Project Details

User Interface

Web-based

Programming Language

PHP

Related Categories

PHP Security Software, PHP Static Code Analysis Tool

Registered

2010-05-23
Report inappropriate content