Awesome

TaintPHP

Static Taint Analysis for PHP web applications. Useful for detecting Cross-Site Scripting (XSS), SQL injections (SQLi), and confidentiality vulnerabilities.

Execution

The execution script is 'run.script'. Modify the 'APPLICATION_FILE' bash variable in 'run.script', and execute the script to start the analysis.