Sodium is a new, easy-to-use software library for encryption, decryption, signatures, password hashing and more. It is a portable, cross-compilable, i
Laravel Hashid Laravel Hashid provides a unified API across various drivers such as Base62, Base64, Hashids and Optimus, with support for multiple con
random_compat PHP 5.x polyfill for random_bytes() and random_int() created and maintained by Paragon Initiative Enterprises. Although this library sho
CrimeFlare is a useful tool for bypassing websites protected by CloudFlare WAF, with this tool you can easily see the real IP of websites that have been protected by CloudFlare. The resulting information is certainly very useful for conducting further penetration testing, and analyzing websites with the same server.
sqlmap sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of
About SecLists SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected i
Security Component - CSRF The Security CSRF (cross-site request forgery) component provides a class CsrfTokenManager for generating and validating CSR
㊙️ AntiXSS "Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to inje
Acme PHP Acme PHP is a simple yet very extensible CLI client for Let's Encrypt that will help you get and renew free HTTPS certificates. Acme PHP is a
CORS PHP CORS (Cross-origin resource sharing) middleware. Support Array, Coding in Native PHP Using PSR-7 PSR-15 Support Symfony Support Laravel Suppo
wso-ng New generation of famous WSO web shell. With perks included default password is "root" changes can now hook password when loaded via stub ?php
SensioLabs Security Checker WARNING: Don't use this piece of software anymore as the underlying web service will stop working at the end of January 20
RandomLib A library for generating random numbers and strings of various strengths. This library is useful in security contexts. Install Via Composer
Sodium Compat is a pure PHP polyfill for the Sodium cryptography library (libsodium), a core extension in PHP 7.2.0+ and otherwise available in PECL.
Optimus id transformation With this library, you can transform your internal id's to obfuscated integers based on Knuth's integer hash. It is similar
Web Application Firewall (WAF) package for Laravel This package intends to protect your Laravel app from different type of attacks such as XSS, SQLi,
All in one tool for Information Gathering, Vulnerability Scanning and Crawling. A must have tool for all penetration testers
Roave Security Advisories This package ensures that your application doesn't have installed dependencies with known security vulnerabilities. Installa
phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code.
Current version: 1.3.5 PrivateBin is a minimalist, open source online pastebin where the server has zero knowledge of pasted data. Data is encrypted a
Laravel Security Laravel Security was created by, and is maintained by Graham Campbell, and is a voku/anti-xss wrapper for Laravel, using graham-campb
vaults is a password manager featuring client side AES-256 encryption, PBKDF2 hashing, vaults, password generation & more. Features Technical overview
endoflife.date Keep track of various End of Life dates as they are approaching. Visit https://endoflife.date for a list of supported products. This in
PHPGGC: PHP Generic Gadget Chains PHPGGC is a library of unserialize() payloads along with a tool to generate them, from command line or programmatica
Security Component - Core Security provides an infrastructure for sophisticated authorization systems, which makes it possible to easily separate the
0x727自动化编写报告平台 郑重声明：文中所涉及的技术、思路和工具仅供以安全为目的的学习交流使用，任何人不得将其用于非法用途以及盈利等目的，否则后果自行承担。 0x01 介绍 类别 说明 作者 小洲 团队 0x727 未来一段时间将陆续开源工具 定位 根据安全团队定制化协同管理项目安全，可快速查找
HTML Purifier HTML Purifier is an HTML filtering solution that uses a unique combination of robust whitelists and aggressive parsing to ensure that no
sqlscan sqlscan is quick web scanner for find an sql inject point. not for educational, this is for hacking. use sitemap for best result Simple to use
A simple php (lumen) app for sharing sensitive text (basically like onetimesecret), but with full end-to-end AES-256-GCM encryption so even the server has no access to the data, and developed with very simple deployment in mind.
Security provides an infrastructure for sophisticated authorization systems, which makes it possible to easily separate the actual authorization logic from so called user providers that hold the users credentials. It is inspired by the Java Spring framework.
NAMSHI | JOSE Deprecation notice Hi there, as much as we'd like to be able to work on all of the OSS in the world, we don't actively use this library
Laravel Source Encrypter This package encrypts your php code with phpBolt For Laravel and Lumen 6, 7, 8 Installation Usage Installation Step 1 At the
Rules for detecting usage of deprecated classes, methods, properties, constants and traits. PHPStan Installation To use this extension, require it in
Themis provides strong, usable cryptography for busy people General purpose cryptographic library for storage and messaging for iOS (Swift, Obj-C), An
PHP Security Advisories Database The PHP Security Advisories Database references known security vulnerabilities in various PHP projects and libraries.
Todo Laravel Fingerprint Laravel Leak .env Laravel Debug Mode Laravel CVE-2018-15133 Laravel Ignition CVE-2021-3129 Insecure Deserialization with APP_
Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn real world web service vulnerabilities.
Halite Halite is a high-level cryptography interface that relies on libsodium for all of its underlying cryptography operations. Halite was created by
Laravel Encryptable This package allows you to anonymize sensitive data (like the name, surname and email address of a user) similarly to Laravel's En
Scanner for PHP.ini The Iniscan is a tool designed to scan the given php.ini file for common security practices and report back results. Currently it
Security Component The Security component provides a complete security system for your web application. It ships with facilities for authenticating us
PHPIDS PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web ap
🔒 Password Exposed Helper Function This PHP package provides a password_exposed helper function, that uses the haveibeenpwned.com API to check if a p