Last active
September 26, 2023 12:34
-
-
Save igor-imaginemage/ceb0605acf57ec617c7463a6d5272af4 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| parameters: | |
| level: 1 | |
| ignoreErrors: | |
| - '#Variable \$this might not be defined#' | |
| - '#Variable \$block might not be defined#' | |
| - '#^Should not use node with type "Stmt_Echo", please change the code\.$#' | |
| banned_code: | |
| nodes: | |
| # enable detection of eval | |
| - | |
| type: Expr_Eval | |
| functions: null | |
| # enable detection of die/exit | |
| - | |
| type: Expr_Exit | |
| functions: null | |
| # enable detection of a set of functions | |
| - | |
| type: Expr_FuncCall | |
| functions: | |
| - dd | |
| - debug_backtrace | |
| - dump | |
| - exec | |
| - passthru | |
| - phpinfo | |
| - print_r | |
| - proc_open | |
| - shell_exec | |
| - system | |
| - var_dump | |
| # enable detection of print statements | |
| - | |
| type: Expr_Print | |
| functions: null | |
| # enable detection of shell execution by backticks | |
| - | |
| type: Expr_ShellExec | |
| functions: null |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment