GithubHelp home page GithubHelp logo

iarnaud / phpids Goto Github PK

View Code? Open in Web Editor NEW

This project forked from phpids/phpids

0.0 1.0 0.0 6.04 MB

PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application

License: GNU Lesser General Public License v3.0

ApacheConf 0.05% PHP 99.95%

phpids's Introduction

Build Status

PHPIDS

PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application. The IDS neither strips, sanitizes nor filters any malicious input, it simply recognizes when an attacker tries to break your site and reacts in exactly the way you want it to. Based on a set of approved and heavily tested filter rules any attack is given a numerical impact rating which makes it easy to decide what kind of action should follow the hacking attempt. This could range from simple logging to sending out an emergency mail to the development team, displaying a warning message for the attacker or even ending the user’s session.

PHPIDS enables you to see who’s attacking your site and how and all without the tedious trawling of logfiles or searching hacker forums for your domain. Last but not least it’s licensed under the fair LGPL!

Contributions

If you would like to contribute, please open a pull request. If you need something to do, have a look at our open issues.

Credits

The project was started by Christian Matthies [email protected] and Mario Heiderich [email protected]. Mario spend a lot of time maintaining PHPIDS mostly on his own. Huge props for that. Currently Lars Strojny [email protected] merges pull requests.

An incomplete list of contributors:

  • LeverOne for his outstanding work, testing and XSS vectors from the depths of markup hell
  • Kishor for providing cutting edge XSS and great help in the group
  • Martin Hinks for great hints, the .NETIDS and help with false positives
  • SirDarckCat for providing XSS so advanced it made us shiver
  • Gareth Heyes for his help enhancing the rules and very creative XSS vectors
  • Kevin Schroeder for the audit and great help on testing and enhancing the PHPIDS
  • xorrer for his help optimizing the rules against his cryptic and sophisticated XSS vectors
  • Johannes Dahse for his help optimizing the SQLI rules
  • Roberto Salgado for helping hardening the SQLI rules with his SQL-Fu
  • tx for even more outstanding SQLI stuff and almost magic PHP code injection vectors
  • Giorgio Maone for redefining the word JavaScript with his vectors
  • thornmaker for submitting smart and very hard to detect JavaScript concatenation vectors
  • Martin Trauth for helping us with the design and giving hints on estate usability
  • Ronald v.d. Heetkamp for helping on the SQLI and XSS detection issues
  • Dan for helping i18n-ing the PHPIDS
  • CrYpTiC_MauleR for providing great hints and XSS magic
  • Robert Hansen for providing (sl|h)a.ckers.org and the XSS cheat sheet
  • beford for providing great hints and esoteric but working XSS

phpids's People

Contributors

awnage avatar benpoulson avatar csk83 avatar felixbuenemann avatar jayzeng avatar kingcrunch avatar lstrojny avatar marclaporte avatar sasezaki avatar staabm avatar x00mario avatar zanbaldwin avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.