PHP Vulnerability Scanner

Find vulnerabilities in your web applications with our automated PHP vulnerability scanner. Integrate with your DevOps process for security while you build.

Join the thousands of companies worldwide

Easy to use PHP vulnerability scanner

As one of the most widely used server-side scripting languages, PHP is a prime target for cyber attacks. PHP vulnerabilities, like SQL injection and cross-site scripting (XSS), can be exploited by hackers to steal data, gain unauthorized access to servers, and more. Intruder’s PHP vulnerability scanner makes it easy to continuously find and address vulnerabilities in web applications and stay secure.

How to use our online PHP vulnerability scanner

1

Sign up for an account

Once your account is activated, you can start scanning your systems.

2

Add your targets

Start scanning with just a domain name or IP address. Or, set up a cloud integration to pull targets automatically.

3

Get the results

Review vulnerabilities prioritized by severity and see what’s exposed to the internet.

Automated PHP vulnerability scanner

Schedule recurring scans at flexible intervals to check for 75+ vulnerabilities in your PHP applications, including OWASP Top 10 vulnerabilities. Easily add authentication to scan behind logins.

Automated PHP vulnerability scanner
Continuous security for PHP applications and their underlying infrastructure

Continuous security for PHP applications and their underlying infrastructure

Secure your PHP web applications, APIs, and underlying infrastructure - including cloud environments - in one platform. Intruder’s emerging threat scans proactively check your systems for newly released vulnerabilities.

Accelerate the time it takes to find and fix PHP vulnerabilities

Streamline your vulnerability management process and track how long it takes to remediate vulnerabilities in your PHP applications, so you can improve your time-to-fix. Intruder’s comprehensive, easy to understand remediation advice helps developers fix the issues.

Accelerate the time it takes to find and fix PHP vulnerabilities

Manual testing for PHP vulnerabilities and more

An automated PHP vulnerability scanner can help you identify many vulnerabilities in your web apps, but manual testing can uncover more. With Intruder's Bug Hunting Service, our experienced penetration testers can check for issues that are not detectable by scanners.

Manual testing for PHP vulnerabilities and more

Web application penetration testing: a beginner’s guide

Find out how to test the security of your web applications in our ultimate guide.

Web application penetration testing: a beginner’s guide

Read our reviews on G2.com

What does a PHP vulnerability scanner do?
faq arrow

A PHP vulnerability scanner ‘crawls’ through a web application in a similar way as a search engine would, sending a range of probes to each page it finds to look for security vulnerabilities.

How does Intruder’s PHP vulnerability scanner work?
faq arrow

Intruder’s PHP vulnerability scanner is a Dynamic Application Security Testing (DAST) tool, which means it tests the running application and requires no access to the source code.

To start scanning for vulnerabilities, all you need to provide is your web application’s IP address or URL.

What checks does Intruder perform?
faq arrow

Intruder performs 75+ checks for application issues, including OWASP Top 10 vulnerabilities such as SQL injection and XSS, and 140,000+ infrastructure checks, including unintentionally exposed systems, information leakage, and missing patches. Click here for more information.

Which plan do I need to get started?
faq arrow

The most comprehensive option for finding vulnerabilities in PHP applications is our Application License.

Our Application License is available across all our plans (Essential, Pro, Premium, and Vanguard). Learn more about our plans.

Can I scan behind a web app login?
faq arrow

Yes, you can carry out authenticated application scans using Intruder. This includes web apps, APIs, and single page applications (SPAs).

How does Intruder’s bug hunting service work?
faq arrow

Our team of experienced penetration testers will seek to identify serious weaknesses in your external targets, such as vulnerabilities in your PHP applications that are undetectable by scanners. Bug hunting is a bolt-on service available to Premium and Vanguard users and is sold and booked by the day. Click here to learn more.

Sign up for your free 14-day trial

7 days free trial