What source code vulnerability scanning tools are best for securing web applications written in PHP?
RIPS, the tool that you mentioned that you are currently using is a popular comprehensive PHP source code scanner, and one of the best for large applications especially if you are looking to peruse potential vulnerabilities using a GUI.
Please find a non-comprehensive list of a few other PHP source code vulnerability scanners that would be worth giving a try below:
PHP Vulnerability Hunter which looks for vulnerabilities like cross-site scripting (XSS), SQL injection and the like in your PHP applications
SensioLab's security checker which checks your application's dependencies for vulnerabilities using Composer
Psalm another PHP application tool that utilizes Composer to find vulnerabilities with the application's software dependencies
Additionally, this link below also contains a list of additional packages that can help to scan your PHP source code for security vulnerabilities, as well scan for other bugs that could lead to security issues:
If you find any additional vulnerability scanners for PHP that I did not list here, please be sure to leave a comment to let the Community know!