Open Source PHP Software Testing Tools

SecLists is the ultimate security tester’s companion. It is a collection of various types of lists commonly used during security assessments, all in one place. SecLists helps to increase efficiency and productivity in security testing by conveniently providing all the lists a security tester may need in one repository. List types include those for usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and many more. All the tester will have to do is pull this repo onto a new testing box and he’ll have access to every type of list he may require.

This is is a modular, test driven website that tries to break web clients of all kind. If you are developing applications that interact with websites you might want to throw it at this website first and see if it survives.

PHPCentaur is a PHP5 driven exploit scanner for webservers. Scope of the project: -SQL exploits, Cros site scripting vulnerabilities, Remote code injection, Encoding vulnerabilities, Session based attacks. And more...

PHPCorrector is a tool that scans your PHP code to find Cross-Site Scripting (XSS) and SQL Injection (SQLi) vulnerabilities. When a vulnerability is found, it is corrected automatically.

Vulnerawa stands for vulnerable web application, though I think it should be renamed Vulnerable website. Unlike other vulnerable web apps, this application strives to be close to reality as possible. To know more about Vulnerawa, go here https://www.hackercoolmagazine.com/vulnerawa-vulnerable-web-app-for-practice/ See how to setup Vulnerawa in Wamp server. https://www.hackercoolmagazine.com/how-to-setup-vulnerawa-in-wamp-server/ To see how to set up a web app pen testing lab with Vulnerawa. https://www.hackercoolmagazine.com/how-to-create-a-web-application-pentest-lab/