grepstrings-auditing-php.md

Auditing PHP source code with grep

XSS

grep -Ri "echo" *

grep -Ri "\$_" * | grep "echo"

grep -Ri "\$_GET" * | grep "echo"

grep -Ri "\$_POST" * | grep "echo"

grep -Ri "\$_REQUEST" * | grep "echo"


SQL Injection

grep -Ri "\$sql" *

grep -Ri "mysqli(" *

grep -Ri "pdo(" *


File inclusion

grep -Ri "file_include(" *

grep -Ri "file_get_contents(" *

grep -Ri "include(" *


Command execution

grep -Ri "shell_exec(" *

grep -Ri "system(" *

grep -Ri "exec(" *
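
An added example, not part of the original file: the search strings above folded into a single pass that reads only *.php files, prints line numbers, and uses word boundaries so that names such as curl_exec( do not show up under exec(. The function names, the category labels, the require/_once extension of the include search and the sample file are assumptions of this example; it relies on GNU grep.

```shell
#!/bin/sh
# Added example: the page's search strings folded into one reviewable pass.

# scan LABEL REGEX DIR: recursive, case-insensitive, *.php only, line numbers.
scan() {
    { grep -RnIiE --include='*.php' -e "$2" "$3" || true; } | sed "s|^|[$1] |"
}

# audit_php DIR: one line per hit, "[CATEGORY] file:line:code".
audit_php() {
    # echo of a superglobal on the same line (page: grep "\$_GET" | grep "echo")
    scan XSS '\becho\b.*\$_(GET|POST|REQUEST)' "$1"
    # query-building hot spots (page: $sql, mysqli(, pdo()
    scan SQLI '\$sql\b|\b(mysqli|pdo)\(' "$1"
    # page's strings plus require/_once forms, with or without parentheses
    scan INCLUDE '\b(file_include|file_get_contents)\(|\b(include|require)(_once)?[ (]' "$1"
    # \b keeps curl_exec( and similar names out of the exec( results
    scan EXEC '\b(shell_exec|system|exec)\(' "$1"
}

# make_sample DIR: constructed input, not taken from any real project.
make_sample() {
    mkdir -p "$1"
    cat > "$1/page.php" <<'EOF'
<?php
echo "Hello " . $_GET['name'];
echo htmlspecialchars($title);
$sql = "SELECT * FROM users WHERE id = " . $_POST['id'];
require_once $_REQUEST['module'] . '.php';
$out = curl_exec($ch);
system("ping -c 1 " . $host);
EOF
    echo 'echo $_GET["x"]; exec("id");' > "$1/notes.txt"   # skipped: not *.php
}

# Stand-alone run: audit a throwaway copy of the sample.
tmp=$(mktemp -d) && make_sample "$tmp" && audit_php "$tmp"; rm -rf "$tmp"
```

Every hit is a line to read by hand, not a finding: the patterns say nothing about whether the value is escaped, bound as a parameter or validated before use.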