Tons more to do; this is just one tool.
composer require alfred-nutile-inc/larscanner:dev-master
Add to config/app.php
AlfredNutileInc\LarScanner\Providers\LarScannerProvider::class
by https://github.com/sensiolabs/security-checker
Make sure to add this to your env
SECURITY_NOTICE_SLACK_URL=https://room_to_slack
Then add to app/Console/Kernel.php
$schedule->command('larscanner:sensio')->daily()
    ->appendOutputTo('/tmp/security_issues.log')
    ->emailOutputTo('[email protected]');
The output is optional. By default it will send the results to Slack.
You can turn Slack off if needed by (todo)
$ composer test
Please see CONTRIBUTING and CONDUCT for details.
- Allow Slack to be turned off
- Can we scan our code? Something like http://brakemanscanner.org/
- What other well-known libraries are there?
- Some good links: phparch Nov 2016, a good article with links to a number of services and PHP tools
- Can we find Laravel vulnerabilities and scan our site nightly?
- Use Behat to try and break into our sites?