PHP Application-security Resources

Snuffleupagus is a PHP 7+ and 8+ module designed to drastically raise the cost of attacks against websites, by killing entire bug classes

SecurityMultiTool A multitool library offering access to recommended security related libraries, standardised implementations of security defences, an

laminas-barcode 🇷🇺 Русским гражданам Мы, участники Laminas, родились и живем в разных странах. У многих из нас есть друзья, родственники и коллеги к

Introduction Laravel XHProf provides you with a simple setup to profile your laravel application with the well known XHProf php extension originally d

wp-cli/secure-command Official website: Hackthewp.com Manages common security aspects of WordPress. Supports nginx and Apache. Basic Usage This packag

About Project Since Laravel 9 was recently released, it supports PHP 8 and above. So I decided to implement a prototype project using Laravel 9 + PHP

OSC-Femme Architecture du projet Modèle-vue-contrôleur ou MVC est un motif d'architecture logicielle destiné aux interfaces graphiques lancé en 1978 e

MONCYCLE.APP Application de suivi de cycle menstruel pour les méthodes naturelles de régulation de naissance. Plus d'information 👉 https://moncycle.a

Secure Headers Add security related headers to HTTP response. The package includes Service Providers for easy Laravel integration. Version Installatio

Manage your photos with Piwigo, a full featured open source photo gallery application for the web. Star us on Github! More than 200 plugins and themes available. Join us and contribute!

laminas-console This package is abandoned and will receive no further development! We recommend using laminas/laminas-cli. Laminas\Console is a compon

PHP Quickstart This repository contains a simple web application that demonstrates how to quickly connect to and communicate with a MariaDB database u

Laravel Security Laravel Security was created by, and is maintained by Graham Campbell, and is a voku/anti-xss wrapper for Laravel, using graham-campb

Backpack\Settings An interface for the administrator to easily change application settings. Uses Laravel Backpack. Works on Laravel 5.2 to Laravel 8.

DataLoaderPHP is a generic utility to be used as part of your application's data fetching layer to provide a simplified and consistent API over various remote data sources such as databases or web services via batching and caching.

PhoneNumberBundle This bundle is a fork of misd-service-development/phone-number-bundle. As this project doesn't look maintained anymore, we decided t

Laravel Markable This package allows you to easily add the markable feature to your application, as for example likes, bookmarks, favorites and so on.

Gracili What is Gracili? Gracili is a PHP Application Template to quickly create a new Project. Using this template can save you a lot of time. With t

Blacksmith is a code generation tool which automates the creation of common files that you'd typically create for each entity in your application.

CSRF Cookie Bundle This Symfony bundle provides Cross Site Request Forgery (CSRF or XSRF) protection for client-side applications requesting endpoints

Bank API written in PHP 7.4 without framework

Google2FA for Laravel Google Two-Factor Authentication Package for Laravel Google2FA is a PHP implementation of the Google Two-Factor Authentication M

Laravel ActiveCampaign (WIP) This package provides a simple interface to the ActiveCampaign API v3. Currently the packages only supports the endpoints

Laravel comments - This package enables to easily associate comments to any Eloquent model in your Laravel application

The package provides an easy way to desensitize your routes in your Laravel application. In short, Desensitize makes your routes case-insensitive, so you can access any of your routes whether they are lowercase, uppercase, or both.

morgue a safe place for all your postmortem data Overview This is a PHP based web application to help manage your postmortems. It has a pluggable feat

MISP is an open source software solution for collecting, storing, distributing and sharing cyber security indicators and threats about cyber security incidents analysis and malware analysis. MISP is designed by and for incident analysts, security and ICT professionals or malware reversers to support their day-to-day operations to share structured information efficiently.

Laravel Monolog Kinesis Driver A simple package to forward Laravel application logs to a Kinesis stream. Installation Require the package with compose

Damn Vulnerable PHP Application (DVPA) - It is Lab Written in The PHP lang, Which Contains PHP Type Juggling - RCE Challenges

Laravel Quickstart is a boilerplate for Laravel Application with typical packages preinstalled and configured to extend a full-fledged application. We tried to make it as minimal as possible.

Windmill with Laravel Breeze as Backend API Introduction This repository is an implementing of the Laravel Breeze application / authentication starter

About Laravel Laravel is a web application framework with expressive, elegant syntax. We believe development must be an enjoyable and creative experie

Blog A reponsive web application blog where users can create & host their articles Tech Stack Bootstrap 5 CodeIgniter 4 GSAP AOS TrixEditor SweetAlert

Bludit is a web application to build your own website or blog in seconds, it's completely free and open source. Bludit uses files in JSON format to store the content, you don't need to install or configure a database. You only need a web server with PHP support.

An utility component for XML usage and best practices in PHP

Regexp Security Cheatsheet Research was done to find "weak places" in regular expressions of Web Application Firewalls (WAFs). Repository contains SAS

A Fully Featured home-hosted Cloud Storage platform and Personal Assistant that Converts files, OCR's images & documents, Creates archives, Scans for viruses, Protects your server, Keeps itself up-to-date, and Runs your own AppLauncher!

A laboratory for learning secure web and mobile development in a practical manner. Build your lab By provisioning local environments via docker-compos

Create and update progress bars in different environments

WIRECRUD 9 adalah aplikasi CRUD + Search sederhana yang dibuat menggukana Laravel 9 dan Livewire 2. Demo bisa dilihat di YouTube Developow Terbuka jika ingin clone apliaksi sederhana ini untuk belajar, bisa ikuti cara-cara berikut ini.

Fakey-Mail Mail application developed with Symfony 5! Check out the requirements for info on how to launch the app. Check out the basic functionality

Anemone C. Sun, F. Imadegbelo, F. Johnston, T. Rowe, W. Zhai Anemone is an application that centralizes users' documentation queries. A user will be a

laminas-text This package is considered feature-complete, and is now in security-only maintenance mode, following a decision by the Technical Steering

laminas-xml2json This package is considered feature-complete, and is now in security-only maintenance mode, following a decision by the Technical Stee

laminas-math This package is considered feature-complete, and is now in security-only maintenance mode, following a decision by the Technical Steering

This package should help you with creating and managing a Laravel DDD Application. This package is heavily inspired by "Laravel beyond CRUD" from Spatie.

Miolica: an e-commerce application that uses React.js as the frontend and Laravel as the backend

Store your Laravel application settings in an on-disk JSON file. This package provides a simple SettingsRepository class that can be used to store you

Simple Laravel Invoice Generator Sling — open-source web application that helps you create invoices and track income. Table of Contents About

CRUD php application to check in and check out employees and show daily building occupation. Employees are required to self check their temperature and tick a checkbox to specify whether their temperature is below 38°C else they are invited to stay home. (Implemented in php with bootstrap4 for styling and datatable jquery plugin for table formatting and additional features).

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more. The goal is to enable a security tester to pull this repository onto a new testing box and have access to every type of list that may be needed.

🔒 Password Exposed Helper Function This PHP package provides a password_exposed helper function, that uses the haveibeenpwned.com API to check if a p

Damn Vulnerable Web Application (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goal is to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and to aid both students & teachers to learn about web application security in a controlled class room environment.

laminas-servicemanager-di This package is considered feature-complete, and is now in security-only maintenance mode, following a decision by the Techn

yii2-app-api OpenAPI Spec to API in 3, 2, 1... done! Yii Framework Application Template for quickly building API-first applications. Based on yii2-ope

phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code.

This is a skeleton application using the Zend Framework MVC layer and module systems. This application is meant to be used as a starting place for those looking to get their feet wet with Zend Framework.

A Multi User Chat Application With Laravel and Livewire. where you can chat with multiple frinds at the same time. i build this with php Laravel and Livewire.

Microservice Application Skeleton Yii2 console application used to write our processors of methods to responsible to client calling. This application

emailsender - PHP Notification library via email using phpMailer This library has the function of sending email using the phpmailer library. Doing thi

BEAR.Sunday A resource-oriented application framework What's BEAR.Sunday This resource orientated framework has both externally and internally a REST

Introduction Project idea is clean and high-quality code. Unlike most (all at the moment) implementations, like webonyx, youshido or digitalonline the

Nano is a zero-config, no skeleton, minimal Hyperf distribution that allows you to quickly build a Hyperf application with just a single PHP file.

BEAR.Sunday A resource-oriented application framework What's BEAR.Sunday This resource orientated framework has both externally and internally a REST

Notejam: Blink framework Notejam demo application using Blink framework Installation Clone the repository to you machine. Run vagrant up to create the

Opulence Introduction Opulence is a PHP web application framework that simplifies the difficult parts of creating and maintaining a secure, scalable w

MINI MINI is an extremely simple and easy to understand skeleton PHP application, reduced to the max. MINI is NOT a professional framework and it does

Never worry about SEO in Laravel again! Currently there aren't that many SEO-packages for Laravel and the available ones are quite complex to set up a

Elastic Beanstalk + PHP Demo App - "Share Your Thoughts" This demo app shows you how to run a simple PHP application on AWS Elastic Beanstalk. Run the

PHP Secure Configuration Checker Check current PHP configuration for potential security flaws. Simply access this file from your webserver or run on C

Log-killer Log Killer is tool for [Linux/Windows] Servers This tool will delete all your logs just download the tool and run it on the server if your

Microrest is a Silex provider to setting up a REST API on top of a relational database, based on a YAML (RAML) configuration file.

laminas-config This package is considered feature-complete, and is now in security-only maintenance mode, following a decision by the Technical Steeri

A PHP application to monitor uptime and ssl certificates uptime-monitor-app is a powerful, easy to configure uptime monitor written in PHP 7. It will

Tailwind CSS for Laravel Introduction This package wraps the standalone Tailwind CSS CLI tool. No Node.js required. Inspiration This package was inspi

Memory objects (memory containers) are generated by the memory manager, and transparently swapped/loaded when required.

This plugin allows you to secure your WordPress login with two factor authentication. The users will have to enter a one time password every time they log in.

Attendize is an open-source ticketing and event management application built using the Laravel PHP framework. Attendize allows event organisers to sel

laminas-soap This package is considered feature-complete, and is now in security-only maintenance mode, following a decision by the Technical Steering

Security Component - CSRF The Security CSRF (cross-site request forgery) component provides a class CsrfTokenManager for generating and validating CSR

This Toko Lego e-commerce application is made to meet the final semester exam. Created using laravel framework.

Laravel Logable is a simple way to log http request in your Laravel application. Requirements php = 7.4 Laravel version = 6.0 Installation composer

Roundcube Webmail roundcube.net ATTENTION This is just a snapshot from the GIT repository and is NOT A STABLE version of Roundcube. It's not recommend

Magento 2 Security extension FREE. Security extension gives store owners the ability to detect the IP addresses that are intentionally attacking their store at any given time. Therefore, they have timely measures to prevent this issue such as blocking those IP addresses or sending warning emails to store owners.

Laravel Nova Ban Introduction Behind the scenes cybercog/laravel-ban is used. Contents Installation Usage Prepare bannable model Prepare bannable mode

Foreman is a Laravel scaffolding application that automates common tasks you typically perform with each new Laravel app you create. The directives you want Forman to perform are outlined in a JSON based template file.

The Guard component brings many layers of authentication together, making it much easier to create complex authentication systems where you have total control.

Rori-PHP is custom non production web application framework inspired by Laravel syntax. A web framework provides a structure and starting point for your application allowing you to focus on creating something amazing.

Shortener URL is simple web application to short your URL. It will generate unique key, with the unique key it will redirect to the original URL.

Simple template Simple PHP templating system for user editable templates. Idea Most applications need to render templates that insert safely treated v

A simple PHP scripting application which fetch emails from your Gmail account according to a filter and parses them for information.

Chat App Chat application build with Symfony! Explore the docs » View Demo · Report Bug · Request Feature Table of Contents About The Project Built Wi

CRUD Build a system to insert student name information, grade the class name, and edit and delete this information

Gracili What is Gracili? Gracili is a PHP Application Template to quickly create a new Project. Using this template can save you a lot of time. With t

RESTful Bookmarks PHP Slim TODO: review and update FrontEnd Sample application to bookmark links, where interface build with Angular.js + Twitter Boot

Slim Bookshelf This is a simple Slim 3 application that manages a list of books Composer This project uses Composer. Run composer install to install t

Slim 3 PHP micro framework MVC application boilerplate

Slim Framework 3 Skeleton Application + PagSeguro Lib Aplicação simples para geração do Token para pagamentos no PagSeguro (método transparente) e env

It is a web application that allows you to analyze electricity consumption and savings resulting from the installation of a photovoltaic installation.

Ticket System Api Description: It is a basic system in which an employee logs in, can create, update and delete tickets, can create an employee, and t