From d58dddaacce68c281e03ab4853acd410325c4f04 Mon Sep 17 00:00:00 2001 From: ankitdn <153487192+ankitdn@users.noreply.github.com> Date: Wed, 30 Apr 2025 21:37:21 +0500 Subject: [PATCH 1/2] Add ABOM tool for Vulnerability scanning --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index b01f377..8aff139 100644 --- a/README.md +++ b/README.md @@ -19,7 +19,7 @@ See [CONTRIBUTING](https://github.com/exakat/php-static-analysis-tools/blob/mast ### Bugs finders Tools to report issues in code that are or lead to bugs. - +* [Abom](https://vulert.com/abom) - Vulert finds and monitors open source vulnerabilities from manifest files or SBOMs. * [AppChecker](https://npo-echelon.ru/en/solutions/appchecker.php) - static analysis tool for finding bugs, weaknesses and vulnerabilities in source code * [Code insight](https://github.com/console-helpers/code-insight) - A tool for analysing other project code bases. * [AST Metrics](https://github.com/Halleck45/ast-metrics) - A blazing-fast static code analyzer that help your to identify code that needs to be refactored. From f2ceb6d9befca5d3f0c18c97775882816970661b Mon Sep 17 00:00:00 2001 From: ankitdn <153487192+ankitdn@users.noreply.github.com> Date: Tue, 17 Jun 2025 11:12:12 +0500 Subject: [PATCH 2/2] Added Vulert into README.md --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 8aff139..a11349f 100644 --- a/README.md +++ b/README.md 
@@ -74,7 +74,8 @@ Tools to report issues in code that are or lead to bugs. * [TaintPHP](https://github.com/olivo/TaintPHP.git) - Static Taint Analyzer. * [Tuli](https://github.com/ircmaxell/Tuli) - A static analysis engine. * [Unused-scanner](https://github.com/Insolita/unused-scanner.git) - Detect unused composer dependencies -* [WAP](https://www.owasp.org/index.php/OWASP_WAP-Web_Application_Protection) - Tool to detect and correct input validation vulnerabilities in PHP (4.0 or higher) web applications and predicts false positives. +* [WAP](https://www.owasp.org/index.php/OWASP_WAP-Web_Application_Protection) - Tool to detect and correct input validation vulnerabilities in PHP (4.0 or higher) web applications and predicts false positives. +* [Vulert](vulert.com) - Vulert secures software by detecting vulnerabilities in open-source dependencies—without accessing your code. It supports PHP, Java, Python, and more. * [PHP VarDump Check](https://github.com/php-parallel-lint/PHP-Var-Dump-Check) - PHP console application for finding forgotten variable dump. * [17eyes](https://github.com/17eyes/17eyes) - PHP static analyzer written in Haskell. * [CakeFuzzer](https://zigrin.com/tools/cake-fuzzer) - Ultimate web application security testing tool for CakePHP based web applications.
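Review bot: In the README.md hunk of patch 1/2 (@@ -19,7 +19,7), the new Abom entry replaces the blank line that separated the sentence "Tools to report issues in code that are or lead to bugs." from the list, instead of being added below it. Keep the blank line and add the entry as its own line, since not every Markdown renderer starts a list directly after a paragraph line. The link text says Abom while the description begins "Vulert finds and monitors", so settle on one name. The entry describes checking manifest files or SBOMs for known vulnerabilities rather than reporting issues in code, so confirm that "Bugs finders" is the section it belongs in.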
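Review bot: In the README.md hunk of patch 2/2 (@@ -74,7 +74,8), the added link `[Vulert](vulert.com)` has no scheme, so a Markdown renderer resolves it as a path relative to the README and it will not reach the site; write it as `https://vulert.com`. The WAP line is removed and re-added with no visible change in its text, which points to a whitespace-only edit that should be dropped from the patch. This hunk also puts a second Vulert entry in the same section as the Abom entry from patch 1/2; a single entry that states what the tool checks, in the style of the neighbouring entries, would be enough.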