Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
awesome-php-security
Awesome PHP Security Resources
https://github.com/guardrailsio/awesome-php-security
Web Framework Hardening
- Snuffleupagus - Security module for PHP 7/8, the successor to [suhosin](http://suhosin.org/stories/index.html).
- Secure-Headers - Add security related headers to HTTP response.
Static Code Analysis
- Enlightn - Enlightn is a static and dynamic analysis tool to improve the security of Laravel applications.
- Snyk Code
- Exakat - *Exakat* is a PHP static code analysis tool, with serious [Security reviews](https://exakat.readthedocs.io/en/latest/Rulesets.html#security).
- phpcs-security-audit - phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code.
- progpilot - A static analyzer for security purposes.
- Parse - The *Parse* scanner is a static scanning tool to review your PHP code for potential security-related issues.
- SonarPHP - A static code analyser for PHP language used as an extension for the SonarQube platform (200+ rules, Supports up to PHP 8, Import of unit test and coverage results, Support of custom rules)
Vulnerabilities and Security Advisories
- Symfony Security Monitoring - PHP security vulnerabilities monitoring.
- Snyk Open Source - Package manager scanner with a free tier
- security-checker - PHP frontend for security.symfony.com.
- roave/security-advisories - Add this dependency to disallow installation of packages with known vulnerabilities directly through `composer update`.
- Security Advisories - A database of PHP security advisories.
- php-malware-detector - PHP malware detector
Guides
- Official PHP Security Manual
- Survive The Deep End: PHP Security
- Security Tips for a PHP Application
- Awesome-AppSec: PHP-Section
- The 2018 Guide to Building Secure PHP Software
- GuardRails - A GitHub App that gives you instant security feedback in your Pull Requests.
- RIPS - RIPS is the leading security analysis solution for PHP
- Snyk - A developer-first solution that automates finding & fixing vulnerabilities in your dependencies.
- Sqreen - Automated security for your web apps - real time application security protection.
- Paragon Initiative Enterprises - PHP Security and Cryptography consultants, open source library publishers.
Hacking Playground
- Insecure PHP Example - This is an example application built using Silex for routing to provide examples of SQL Injection, plain text passwords and XSS.
- DVWA - Damn Vulnerable Web Application (DVWA) is a PHP/MySQL web application that is damn vulnerable.
Inspiration
- awesome-nodejs-security
- [awesome-ruby-security](https://github.com/pxlpnk/awesome-ruby-security)