Awesome PHP Security Resources πŸ•ΆπŸ˜πŸ”
Clone or download
streichsbaer Merge pull request #4 from Ocramius/feature/roave-security-advisories
Add `roave/security-advisories` as suggested dependency
Latest commit 483b986 Dec 20, 2018
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
CONTRIBUTING.md Initial Commit Dec 12, 2018
README.md Merge pull request #4 from Ocramius/feature/roave-security-advisories Dec 20, 2018
code-of-conduct.md Initial Commit Dec 12, 2018

README.md


A curated list of awesome PHP Security related resources.

Awesome

List inspired by the awesome list thing.

Supported by: GuardRails.io

Table of Contents

Tools

Web Framework Hardening

Static Code Analysis

  • phpcs-security-audit - phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code.
    • docker pull guardrails/phpcs-security-audit
  • progpilot - A static analyzer for security purposes.
  • Parse - The Parse scanner is a static scanning tool to review your PHP code for potential security-related issues.

Vulnerabilities and Security Advisories

Educational

Hacking Playground

  • DVWA - Damn Vulnerable Web Application (DVWA) is a PHP/MySQL web application that is damn vulnerable.
  • Insecure PHP Example - This is an example application built using Silex for routing to provide examples of SQL Injection, plain text passwords and XSS.

Guides

Companies

  • GuardRails - A GitHub App that gives you instant security feedback in your Pull Requests.
  • RIPS - RIPS is the leading security analysis solution for PHP
  • Snyk - A developer-first solution that automates finding & fixing vulnerabilities in your dependencies.
  • Sqreen - Automated security for your web apps - real time application security protection.
  • Paragon Initiative Enterprises - PHP Security and Cryptography consultants, open source library publishers.

Contributing

Found an awesome project, package, article, other type of resources related to PHP Security? Send a pull request! Just follow the guidelines. Thank you!

Say hi on Twitter


Inspiration

This awesome list was inspired by awesome-nodejs-security and awesome-ruby-security.

License

CC0