•        0

phpSecurity is meant to create a web based front end for security tools. Almost complete is a php'd nmap and being started is a php'd firewalk.



Related Projects

Suhosin - Protection System for PHP Installations

Suhosin is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core. It comes in two independent parts, that can be used separately or in combination.

Inspathx - Path Disclosure Finder

WHATA tool that uses local source tree to make requests to the url and search for path inclusion error messages. It's a common problem in PHP web applications that we've been hating to see. We hope this tool triggers no path disclosure flaws any more. See our article about path disclosure. Report bugs/suggestions to inspathx at yehg dot net. WHYWeb application developers sometimes fail to add safe checks against authentications

Secureimage - Image Validator Class for PHP, .NET and JAVA

It's a small library project for security of image handling on web applications such as photo galleries, forums, upload systems etc. The project links of PHP, JAVA and .NET implementations of secureimage library can be reached from this project site. JAVA SecureImage .NET SecureImage PHP SecureImage

Psecureimage - Image Validator Class for PHP

SecureImage is a image validator that can be used for validating image files on upload systems (such as photo galleries,forums,etc ..) against the threads for XSS issues with IE and LFI attacks. For Internet Explorer; you can succesfully launch XSS attacks with malformed image files because of it's mime-type detection algorithm. Also the image files can contain some server-side payloads that can be used on exploiting of LFI vulnerabilities. This image validator class; first checks for if the ima

Anticsurf - A Small PHP library that can be used for Cross-Site Request Forgery defenses.

IntroductionPHP doesn't have any function or mechanism for CSRF vulnerabilities. Developers must implement their own functions to defend against this vulnerability. So, I have coded a small one-time-token library. Some features of secureToken : Provides strong entropy for brute-force attacks Provides reliable uniqueness Guarantees one time usage of issued token Provides distinction between sessions. Provides timeout restrictions Usage & Wiki LinksDownload :


examples from the O'Reily book


A collection of functions which are useful in the securing of data between a client and server transmission