https://github.com/swisskyrepo/Vulny-Code-Static-Analysis
VulnyCode is basic script to detect vulnerabilities into a PHP source code, it is using Regular Expression to find sinkholes.
Arbitrary Cookie
Arbitrary File Deletion
Arbitrary Variable Overwrite
Cross Site Scripting
File Inclusion
File Inclusion / Path Traversal
File Upload
Header Injection
Information Leak
Insecure E-mail
Insecure Weak Random
LDAP Injection
PHP Object Injection
Remote Code Execution
Remote Command Execution
Server Side Request Forgery
Server Side Template Injection
SQL Injection
URL Redirection
Weak Cryptographic Hash
XML external entity
XPATH Injection
Hardcoded credentials
High Entropy string