Top 23 PHP Security Projects

• labs

  2 9,770 1.2 PHP

  This is a collection of tutorials for learning how to use Docker with various tools. Contributions welcome.

  

  Project mention: How to “dockerize” existing web apps (“php + mySQL” app, and “node.js + express + mongodb” app) | reddit.com/r/docker | 2021-03-11

  You can find some intro and tutorials to catch up on docker https://github.com/docker/labs

• random_compat

  0 7,798 2.5 PHP

  PHP 5.x support for random_bytes() and random_int()

  

• Scout APM

  Sponsored scoutapm.com

  Scout APM - Leading-edge performance monitoring starting at $39/month. Scout APM uses tracing logic that ties bottlenecks to source code so you know the exact line of code causing performance issues and can get back to building a great product faster.

• DVWA

  4 5,085 6.4 PHP

  Damn Vulnerable Web Application (DVWA)

  Project mention: Getting into cybersecurity | reddit.com/r/cscareerquestions | 2021-04-08

  Hands-on security: Juice Shop and Damn Vulnerable Web App are good choices, along with Capture the Flag competitions

• awesome-appsec

  0 4,494 0.0 PHP

  A curated list of resources for learning about application security

  

• PHPSecLib

  0 4,317 8.5 PHP

  PHP Secure Communications Library

  

• PHP Encryption

  1 3,256 5.8 PHP

  Simple Encryption in PHP.

  Project mention: How I Documented, Encrypted, and Tested My First REST API | dev.to | 2021-02-17

  I encrypted my data using defuse/php-encryption. This library, claiming to be secure, unlike other libraries, did the encryption and decryption for me. To encrypt and decrypt, I needed my own key, which I generated by running

• pfSense

  24 3,069 9.8 PHP

  Main repository for pfSense

  

  Project mention: La pénurie globale va également affecter les routeurs, c'est l'effet boule de neige | reddit.com/r/france | 2021-04-12

• bouncer

  2 2,646 5.0 PHP

  Eloquent roles and abilities.

  Project mention: Multi-tenancy/user roles - tutorial suggestions | reddit.com/r/laravel | 2021-02-15

  I only have experience with Bouncer but it has worked well for me. As a basic hypothetical scenario, you can create different roles and abilities such as:

• Passbolt

  1 2,457 8.7 PHP

  Passbolt CE Backend, a JSON API written with Cakephp

  

  Project mention: What’s the best way to share login details with a family member? | reddit.com/r/privacy | 2021-04-10

• HTML Purifier

  1 2,144 3.2 PHP

  Standards compliant HTML filter written in PHP

  Project mention: Can build in Markdown library limit the use of certain tags? | reddit.com/r/laravel | 2021-02-19

  Have you looked at HTML Purifier?

• SensioLabs Security Check

  0 1,628 8.1 PHP

  A database of PHP security advisories

  

• PHPGGC

  0 1,562 7.3 PHP

  PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.

  

• IniScan

  0 1,459 0.0 PHP

  A php.ini scanner for best security practices

  

• Sentinel

  0 1,357 2.7 PHP

  A framework agnostic authentication & authorization system. (by cartalyst)

  

• Optimus

  1 1,089 0.3 PHP

  🤖 Id obfuscation based on Knuth's multiplicative hashing method for PHP.

  Project mention: API: external UUID to internal ID in validation or controller or ? | reddit.com/r/laravel | 2021-02-19

  To obfuscate id there are several solutions, other than the already mentioned hashids you can try this one https://github.com/jenssegers/optimus

• wp2static

  6 970 8.8 PHP

  WordPress static site generator for security, performance and cost benefits

  Project mention: Creating a minimalist blog with Jekyll Now | news.ycombinator.com | 2021-04-11

  This is my exact feeling. I have a Hugo-powered blog, but like you said, I miss the ability to draft something quickly when I'm inspired. Right now, the best option I have found is self-hosting Ghost with some aggressive Cloudflare caching.

  I considered using wp2static[0] before starting with Ghost. Have you published your exporter?

  [0] https://github.com/leonstafford/wp2static

• Halite

  0 941 4.5 PHP

  High-level cryptography interface powered by libsodium

  

• RandomLib

  0 814 0.0 PHP

  A library for generating random numbers and strings

• PHP-Auth

  1 730 2.2 PHP

  Authentication for PHP. Simple, lightweight and secure.

  

  Project mention: Authentication System | reddit.com/r/PHPhelp | 2020-12-23

  There are a bunch out there but have a look at this one for instance: https://github.com/delight-im/PHP-Auth

• TwoFactorAuth

  0 729 2.6 PHP

  PHP library for Two Factor Authentication (TFA / 2FA) (by RobThree)

• PHP IDS

  0 711 0.0 PHP

  PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application

  

• Latte

  0 631 8.9 PHP

  ☕ Latte: the intuitive and fast template engine for those who want the most secure PHP sites.

  

• AntiXSS

  0 410 5.4 PHP

  ㊙️ AntiXSS | Protection against Cross-site scripting (XSS) via PHP

Index