0009253: phpmap - fast, modular PHP vulnerability scanner and exploitation framework

ID	Project	Category	View Status	Date Submitted	Last Update

0009253	Kali Linux	New Tool Requests	public	2025-07-19 15:27	2026-03-26 10:34

Reporter	mqz	Assigned To	daniruiz
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	closed	Resolution	won't fix

Summary	0009253: phpmap - fast, modular PHP vulnerability scanner and exploitation framework
Description	Name: phpmap Repo: https://github.com/mqz0211/phpmap Author: Qhaleesh Zhariif (MQZ) License: Apache 2.0 Language: Python 3 Description: phpmap is a modular vulnerability scanner for PHP-based web applications. It supports LFI detection, and upcoming modules include upload bypass and deserialization flaw detection. Designed for CLI, modular use, and Debian packaging compatibility. Rationale: There is currently no dedicated, modular PHP-focused vuln scanner included in Kali. This tool fills that gap with LFI scanning, and planned features like RFI, upload bypasses, and eval injection. It follows Debian standards and includes a working Debian package. Packaging: A `debian/` folder is already included in the repository. The tool has been tested with `dpkg-buildpackage` and meets Kali packaging standards. Let me know if any changes or improvements are needed for inclusion.

Date Modified	Username	Field	Change
2025-07-19 15:27	mqz	New Issue
2025-07-22 11:43	daniruiz	Summary	New Tool Submission: phpmap => phpmap - fast, modular PHP vulnerability scanner and exploitation framework
2025-07-25 09:39	mqz	Note Added: 0020754
2025-07-25 14:32	mqz	Note Edited: 0020754
2026-03-26 10:34	daniruiz	Note Added: 0021486
2026-03-26 10:34	daniruiz	Assigned To	=> daniruiz
2026-03-26 10:34	daniruiz	Status	new => closed
2026-03-26 10:34	daniruiz	Resolution	open => won't fix

mqz 2025-07-25 09:39 reporter ~0020754 Last edited: 2025-07-25 14:32

daniruiz 2026-03-26 10:34 manager ~0021486	Hello, Thanks for your submission. We can’t package every infosec tool, so we prioritize those with wider adoption and community usage. Best of luck with your project.