laramint/laravel-security-scanner
Laravel-aware security rules for php-security-scanner. Detects Laravel SQL injection (DB::raw, whereRaw), mass assignment, debug/dd leaks, unsafe validators, CSRF bypass, insecure cookies, env exposure, Blade raw echo, open redirect, Http SSRF, Storage/File path traversal, file-upload validation gaps, Auth/Crypt/Artisan/Process/Config injection, view-name injection, session fixation, and Mail header injection.
2
809
laramint/queryguard
Zero-config CI gate for Laravel: auto-instruments your test suite, baselines query counts, and fails PRs that introduce N+1s or query regressions.
1
23