RIPS


RIPS is a static code analysis tool designed for automated detection of security vulnerabilities in PHP and Java applications. The initial tool was written by Johannes Dahse and released as open-source software during the Month of PHP Security in May 2010. The open-source version is released under the GNU Lesser General Public License and was maintained until 2013.
In 2016, RIPS Technologies, a company based in Bochum, Germany, released a rewritten version of RIPS. The closed-source RIPS product was focused on industrial customers. Its analysis techniques received several awards, among them the Internet Defense Prize from Facebook.
In 2020, RIPS Technologies was acquired by SonarSource. The RIPS tool is no longer available as a stand-alone product.

Commercial Version (Java, PHP, Node.js)

The commercial version supported analysis of PHP and Java code. To identify security vulnerabilities that are based on second-order data flows or misplaced security mechanisms, it used abstract syntax trees, control-flow graphs, and context-sensitive taint analysis. It could automatically detect 200 different vulnerability types, code quality issues and misconfiguration weaknesses. The commercial version supported all versions of Java, PHP and Node.js, and industry standards such as OWASP Top 10, ASVS, CWE, SANS 25, and PCI-DSS. RIPS was available as on-premises software and as Software-as-a-Service.
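
To show what "second-order data flows" and "misplaced security mechanisms" mean for a taint analysis, here is an added toy example in Python. It is not RIPS code and does not reproduce its algorithm. The tuple-based instruction format, the sanitizer-to-context table and the sample program are assumptions made for illustration.

```python
# Toy context-sensitive taint tracker (illustrative only; not RIPS's algorithm).
# Assumed, simplified table: the sink contexts each PHP sanitizer covers.
SANITIZERS = {
    "htmlspecialchars": {"html"},
    "mysqli_real_escape_string": {"sql"},
    "intval": {"html", "sql"},
}

def analyze(program):
    """Return (line, context, variable) findings for a straight-line program."""
    env, store, findings = {}, {}, []   # variables, persistent DB columns

    def merge(names):
        # Tainted if any input is; safe only where all tainted inputs are safe.
        states = [env[n] for n in names if env.get(n) is not None]
        return frozenset.intersection(*states) if states else None

    for line, (op, *args) in enumerate(program, 1):
        if op == "source":                      # $dst = $_GET[...]
            env[args[0]] = frozenset()          # tainted, safe for no context
        elif op == "sanitize":                  # $dst = fn($src)
            dst, fn, src = args
            st = env.get(src)
            env[dst] = None if st is None else st | SANITIZERS[fn]
        elif op == "concat":                    # $dst = $a . $b . ...
            env[args[0]] = merge(args[1:])
        elif op == "db_write":                  # parameterised INSERT
            store[args[0]] = env.get(args[1])   # taint persists in storage
        elif op == "db_read":                   # $dst = $row[column]
            env[args[0]] = store.get(args[1])
        elif op == "sink":                      # echo / mysqli_query
            ctx, src = args
            st = env.get(src)
            if st is not None and ctx not in st:
                findings.append((line, ctx, src))
    return findings

# Constructed sample modelling PHP requests that share one database.
SAMPLE = [
    ("source", "name"),
    ("db_write", "users.name", "name"),          # safe write, value still tainted
    ("db_read", "stored", "users.name"),
    ("concat", "q1", "stored"),
    ("sink", "sql", "q1"),                       # second-order SQL injection
    ("source", "id"),
    ("sanitize", "esc", "htmlspecialchars", "id"),
    ("sink", "html", "esc"),                     # right context: no finding
    ("sink", "sql", "esc"),                      # misplaced sanitizer
]
```

Calling `analyze(SAMPLE)` reports line 5, where stored input reaches a query on a later read, and line 9, where an HTML encoder is used in front of an SQL sink, while the correctly encoded output on line 8 is not reported.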