RIPS - A static source code analyser for vulnerabilities in PHP scripts

RIPS is a tool written in PHP to find vulnerabilities in PHP applications using static code analysis. By tokenizing and parsing all source code files RIPS is able to transform PHP source code into a program model and to detect sensitive sinks (potentially vulnerable functions) that can be tainted by userinput (influenced by a malicious user) during the program flow. Besides the structured output of found vulnerabilities RIPS also offers an integrated code audit framework for further manual analysis.

Features

vulnerabilities

Code Execution

Command Execution

Cross-Site Scripting

Header Injection

File Disclosure

File Inclusion

File Manipulation

LDAP Injection

SQL Injection

Unserialize with POP

XPath Injection

code audit interface

scan and vulnerability statistics

grouped vulnerable code lines (bottom up or top down)

vulnerability description with example code, PoC, patch

exploit creator

file list and graph (connected by includes)

function list and graph (connected by calls)

userinput list (application parameters)

source code viewer with highlighting

active jumping between function calls

search through code by regular expression

8 syntax highlighting designs

static code analysis

fast

tokenizing with PHP tokenizer extension

taint analysis for 232 sensitive sinks

inter- and intraprocedural analysis

handles very PHP-specific behaviour

handles user-defined securing

reconstruct file inclusions

detect blind/non-blind exploitation

detect backdoors

5 verbosity levels

over 100 testcases

Download + Installation

Install a local webserver like (xampp) parsing PHP files (should already be available if you develop PHP applications).
Download the latest version from Here.
Extract all files to your local webservers document root (e.g. /var/www/rips/)
goto http://localhost/rips/ and start scanning.

Source -

RIPS website

http://sourceforge.net/projects/rips-scanner/

Snapshot of RIPS