Misc tools to scan apps after being deployed.
Tons more to do; this is just one tool.
composer require alfred-nutile-inc/larscanner:dev-master
Make sure to add to your env
Then add to
$schedule->command('larscanner:sensio')
    ->daily()
    ->appendOutputTo('/tmp/security_issues.log')
    ->emailOutputTo('email@example.com');
The output is optional. By default it will send it to Slack.
You can turn Slack off if needed by (todo)
$ composer test
- Allow Slack to be turned off
Can we scan our code? Something like http://brakemanscanner.org/
What other well known libraries are there?
Some good links: phparch Nov 2016, a good article with links to a number of services and PHP tools
Can we find Laravel vulnerabilities and scan our site nightly?
Use Behat to try and break into our sites?