
The Study of Static Code Analysis

Advisor: 郭忠義

Abstract


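The Internet is developing by leaps and bounds. To meet market demand, more and more web application systems are being built, and their network security can no longer be overlooked. Some developers, pressed by schedule and hoping to implement features as quickly as possible, leave security gaps in the system, either through oversight or because of the characteristics of the programming language they use. At the same time, more and more web systems are developed by outsourcing, so the client's need to inspect the security of outsourced code is increasingly important. This thesis proposes a static analysis architecture that inspects program source code before the product goes live, so that code security problems can be handled during the development phase and the security quality of the software system is improved. This study develops a security analysis and inspection platform architecture into which existing or future security analysis tools can be embedded. It lets developers analyze and inspect a system's code and provides suggested fixes.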

Parallel Abstract


Internet technology has grown rapidly. To meet today's market demand, more and more web-based systems are being built, and the security of these systems has become an issue. Some developers want to implement the functions a project requires in a very short period, and so overlook the vulnerabilities caused by the specification of the programming language. At the same time, more and more systems are outsourced, which increases the importance of inspecting the source code of the outsourced system. This paper presents a static analysis structure that allows us to inspect the source code before the product is released, making us aware of security issues during the development phase and increasing the security level of the software system. This study develops a structure that can work as a plug-in with present or future security analysis tools, providing assistance to developers in analyzing and inspecting the source code of the system, along with suggestions for fixing the vulnerabilities.

Keywords

PHP; Static Analysis; White-Box Testing; SQL Injection; XSS

