PHPackages                             iamariezflores/php-sec-check - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. iamariezflores/php-sec-check

ActiveLibrary[Security](/categories/security)

iamariezflores/php-sec-check
============================

PHP Security Check Tool

v1.0.0.2(9mo ago)04[1 PRs](https://github.com/iamariezflores/php-sec-check/pulls)MITPHP

Since Aug 13Pushed 8mo agoCompare

[ Source](https://github.com/iamariezflores/php-sec-check)[ Packagist](https://packagist.org/packages/iamariezflores/php-sec-check)[ RSS](/packages/iamariezflores-php-sec-check/feed)WikiDiscussions main Synced 1mo ago

READMEChangelog (3)DependenciesVersions (8)Used By (0)

PHP Security Check (php-sec-check)
==================================

[](#php-security-check-php-sec-check)

A lightweight CLI tool to **scan PHP and Laravel projects for common security risks**.
Runs as `vendor/bin/sec-check` after installation via Composer.

---

✨ Features
----------

[](#-features)

- ✅ **Generic PHP Checks**

    - PHP version check
    - Detect if `display_errors` is enabled
    - Dangerous function detection (`exec`, `shell_exec`, `system`, `eval`, etc.)
    - Composer dependency audit (`composer audit`)
- 🚀 **Laravel-Specific Checks**

    - Auto-detects Laravel projects
    - Scans `.env` for sensitive credentials
    - Warns if `vendor/` is **committed to Git**
- ⚙️ **Configurable**

    - Creates a `php-sec-check-config.php` file on first run
    - Add your **own sensitive keys** for `.env` scanning
    - Example: ```