notice In EARLY development. Lots of things are likely to be changing!
My original thought was that this project might be worth doing as a composer require for a web app and then could be used as part of the deployment process. However, I'm considering developing this in Python instead.
This can be run on the command-line against any PHP codebase to help identify security flaws that could lead to XSS or SQLi vulnerabilities.
A basic app is included for testing (mostly for testing during development)