Ward is a Go-based command-line security scanner built specifically for Laravel projects. It parses Laravel's structure (routes, models, controllers, Blade templates, config files, env vars, dependencies) and runs four targeted scan engines: env-scanner, config-scanner, dependency-scanner (using live OSV.dev data), and a rules-scanner with 42 built-in rules covering secrets, injection, XSS, weak crypto, and more. It features a terminal UI, multiple output formats (JSON, SARIF, HTML, Markdown), CI/CD integration with exit-code gating, baseline management to track acknowledged findings, custom rule support, and scan history diffing.
Table of contents
# Installation# Scanning a Project# What It Checks# Output Formats# CI/CD Integration# Baseline Management# Custom Rules# Scan History1 Comment
Sort: