Inherited a PHP app with no docs? Understand it in minutes.
Legacy Lift reads your old PHP and hands back architecture docs, a ranked security report, and a realistic modernisation plan. Stop fearing the codebase you have to maintain.
No signup for free scans · Code processed in-memory, never stored
Architecture docs, instantly
Detects WordPress, Laravel, CodeIgniter, Symfony or raw PHP and maps entry points, the data layer, and how requests flow — so a new dev can read the system in minutes.
PHP-specialised security scan
Finds the real legacy footguns: SQL injection from string concat, removed mysql_* calls, eval, file inclusion, weak password hashing, XSS, object injection, missing CSRF.
A modernisation plan you can act on
Not generic advice — an ordered plan to patch criticals, move to PDO prepared statements, adopt Composer, pin PHP 8.2+, and refactor safely.
Three steps to clarity
Paste or upload PHP
Drop in files or paste code. Free scans cover up to 5 files.
We analyse it
Static analysis tuned for legacy PHP idioms, optionally enriched by an LLM.
Get your report
Architecture, ranked findings with fixes, and a modernisation roadmap.
“We took over a 9-year-old WordPress + custom PHP codebase with zero documentation. The security report alone paid for itself.”
— Agency lead, Pune (early access)
Simple, honest pricing
Start free. Pay only when you need the full report or unlimited scans.