Language application firewall

dev-master 2019-07-25 07:28 UTC

This package is auto-updated.

Last update: 2024-11-25 20:37:41 UTC


README

A language application firewall
Only PHP is currently supported

Build Status Packagist Packagist

Example

  • Embed your code between $detector->start() and $detector->finish()
  • If attacks are detected, alarms are generated and can be retrieved with $detector->getAlarms()
<?php
    $detector = new Ids\Detector;
    $detector->start();
        
    include("yourcode.php");

    $detector->finish();
    
    var_dump($detector->getAlarms());
?>

when yourcode.php is vulnerable to an attack (in this example a simulated XSS attack) :

<?php

$detector->getHttprequest()->getRequest()->query->set("vuln", "ee\" onClick=alert('eee') \"boum");
$vulnparam = $detector->getHttprequest()->getRequest()->query->get("vuln");

echo "<a href=\"$vulnparam\"></a>";

this alarm is generated :

{
  [0]=>
  object(laf\Alarming\Alarm)#24 (4) {
    ["attack":"laf\Alarming\Alarm":private]=>
    string(3) "xss"
    ["description":"laf\Alarming\Alarm":private]=>
    string(38) "in vuln ee" onClick=alert('eee') "boum"
    ["score":"laf\Alarming\Alarm":private]=>
    int(0)
    ["time":"laf\Alarming\Alarm":private]=>
    string(15) "190725 09:19:13"
  }
}