Top 23 PHP Security Projects
This is a collection of tutorials for learning how to use Docker with various tools. Contributions welcome.Project mention: How to “dockerize” existing web apps (“php + mySQL” app, and “node.js + express + mongodb” app) | reddit.com/r/docker | 2021-03-11
You can find some intro and tutorials to catch up on docker https://github.com/docker/labs
PHP 5.x support for random_bytes() and random_int()
Scout APM - Leading-edge performance monitoring starting at $39/month. Scout APM uses tracing logic that ties bottlenecks to source code so you know the exact line of code causing performance issues and can get back to building a great product faster.
Damn Vulnerable Web Application (DVWA)Project mention: Getting into cybersecurity | reddit.com/r/cscareerquestions | 2021-04-08
Hands-on security: Juice Shop and Damn Vulnerable Web App are good choices, along with Capture the Flag competitions
A curated list of resources for learning about application security
PHP Secure Communications Library
Simple Encryption in PHP.Project mention: How I Documented, Encrypted, and Tested My First REST API | dev.to | 2021-02-17
I encrypted my data using defuse/php-encryption. This library, claiming to be secure, unlike other libraries, did the encryption and decryption for me. To encrypt and decrypt, I needed my own key, which I generated by running
Main repository for pfSenseProject mention: La pénurie globale va également affecter les routeurs, c'est l'effet boule de neige | reddit.com/r/france | 2021-04-12
Eloquent roles and abilities.Project mention: Multi-tenancy/user roles - tutorial suggestions | reddit.com/r/laravel | 2021-02-15
I only have experience with Bouncer but it has worked well for me. As a basic hypothetical scenario, you can create different roles and abilities such as:
Passbolt CE Backend, a JSON API written with CakephpProject mention: What’s the best way to share login details with a family member? | reddit.com/r/privacy | 2021-04-10
Standards compliant HTML filter written in PHPProject mention: Can build in Markdown library limit the use of certain tags? | reddit.com/r/laravel | 2021-02-19
Have you looked at HTML Purifier?
A database of PHP security advisories
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
A php.ini scanner for best security practices
A framework agnostic authentication & authorization system. (by cartalyst)
🤖 Id obfuscation based on Knuth's multiplicative hashing method for PHP.Project mention: API: external UUID to internal ID in validation or controller or ? | reddit.com/r/laravel | 2021-02-19
To obfuscate id there are several solutions, other than the already mentioned hashids you can try this one https://github.com/jenssegers/optimus
WordPress static site generator for security, performance and cost benefitsProject mention: Creating a minimalist blog with Jekyll Now | news.ycombinator.com | 2021-04-11
This is my exact feeling. I have a Hugo-powered blog, but like you said, I miss the ability to draft something quickly when I'm inspired. Right now, the best option I have found is self-hosting Ghost with some aggressive Cloudflare caching.
I considered using wp2static before starting with Ghost. Have you published your exporter?
High-level cryptography interface powered by libsodium
A library for generating random numbers and strings
Authentication for PHP. Simple, lightweight and secure.Project mention: Authentication System | reddit.com/r/PHPhelp | 2020-12-23
There are a bunch out there but have a look at this one for instance: https://github.com/delight-im/PHP-Auth
PHP library for Two Factor Authentication (TFA / 2FA) (by RobThree)
PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application
☕ Latte: the intuitive and fast template engine for those who want the most secure PHP sites.
㊙️ AntiXSS | Protection against Cross-site scripting (XSS) via PHP
What are some of the best open-source Security projects in PHP? This list will help you:
|11||SensioLabs Security Check||1,628|