Eljakani / ward

Public

Security scanner built for Laravel, detects misconfigurations, vulnerabilities, and exposed secrets with a beautiful TUI.

156
10
100% credibility
Found Feb 17, 2026 at 31 stars (5x)
AI Analysis
Go
AI Summary

Ward is a specialized security scanner for Laravel web applications that analyzes configurations, dependencies, environment settings, and code patterns to detect vulnerabilities and generate reports.

How It Works

1. 🔍 Discover Ward: You learn about Ward, a helpful tool that spots security weak spots in your web projects.
2. 📥 Get Ward ready: You easily add Ward to your computer so it's always there when you need it.
3. ⚙️ Prepare your setup: You create a simple folder where Ward keeps its checking rules and past results.
4. 🛡️ Launch a scan: You tell Ward to check your project folder or online link, and watch the colorful screen show live progress.
5. 📊 Review findings: You see a clear list of issues with colors, details, and easy fix suggestions right on screen.
6. 📄 Save reports: You get polished reports in formats perfect for sharing or keeping track over time.

App secured

With Ward's help, you fix the problems and feel great knowing your project is safer.


Star Growth

This repo grew from 31 to 156 stars.
AI-Generated Review

What is ward?

Ward is a security scanner for Laravel apps, written in Go. It looks for misconfigurations such as debug mode in production, missing auth middleware, and exposed .env secrets, and checks Composer dependencies against live CVE data from OSV.dev. It scans local directories or Git repos (via shallow clone), runs 42 YAML rules across categories like injection, XSS, and crypto, then outputs JSON, SARIF for GitHub security scanning, HTML, or Markdown reports. A polished TUI shows real-time progress, severity stats, and scan diffs against history.

Why is it gaining traction?

Instead of generic grep-style checks, it parses composer.json, composer.lock, .env, and config files for Laravel-aware scans, spotting unguarded models or raw DB queries that others miss. Its SARIF output works with GitHub security actions and alerts, and custom rules extend it without recompiling. Headless CI mode plus GitHub security policy enforcement makes it a lightweight alternative to heavy SAST tools.

Who should use this?

Laravel backend developers securing apps before deployment, security teams gating PRs via GitHub Actions, and ops staff tracking GitHub security advisories in monorepos. It suits free GitHub workflows that check dependencies and configs without setup hassle.

Verdict

A solid, free, Laravel-specific security scanner with great docs and CI hooks, but 10 stars and a 1.0% credibility score signal early maturity, so test it thoroughly before relying on it in production. Grab it if it fits your stack.
