• Stars
    star
    266
  • Rank 154,103 (Top 4 %)
  • Language
    PHP
  • License
    MIT License
  • Created over 11 years ago
  • Updated over 4 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

An Intrusion Detection System library loosely based on PHP IDS

Expose: an IDS for PHP

Build Status Insight Rating

Expose is an Intrusion Detection System for PHP loosely based on the PHPIDS project (and using its ruleset for detecting potential threats).

ALL CREDIT for the rule set for Expose goes to the PHPIDS project. Expose literally uses the same JSON configuration for its execution. I am not claiming any kind of ownership or authorship of these rules. Please see the PHPIDS github README for names of those who have contributed.

NOTE: An IDS system should not be relied upon for sole protection in your environment! It should only be used in the first level of threat identification. Please read up on "Defense in Depth" for more information on a layered security approach.

Quick Install

  1. Install Composer:

    curl -s https://getcomposer.org/installer | php
    
  2. Require Expose as a dependency using Composer:

    php composer.phar require enygma/expose
    
  3. Install Expose:

    php composer.phar install
    

Example Usage

<?php
require 'vendor/autoload.php';

$data = array(
    'POST' => array(
        'test' => 'foo',
        'bar' => array(
            'baz' => 'quux',
            'testing' => '<script>test</script>'
        )
    )
);

$filters = new \Expose\FilterCollection();
$filters->load();

//instantiate a PSR-3 compatible logger
$logger = new \Expose\Log\Mongo();

$manager = new \Expose\Manager($filters, $logger);
$manager->run($data);

echo 'impact: '.$manager->getImpact()."\n"; // should return 8

// get all matching filter reports
$reports = $manager->getReports();
print_r($reports);

// export out the report in the given format ("text" is default)
echo $manager->export();
echo "\n\n";

Full Documentation

Full (current) documentation for Expose can be found here: ReadTheDocs for Expose

If you're curious as to the importance of application-level intrusion detection, check out this article on the OWASP site.

Feel free to contact me with questions or how you can help the project!

@author Chris Cornutt [email protected]

Bitdeli Badge

More Repositories

1

shieldframework

Shield - A Security Minded Microframework
PHP
142
star
2

yubikey

PHP library to interface with the Yubikey REST API
PHP
76
star
3

gauth

Google Authenticator Code Validation and Generation
PHP
75
star
4

xacmlphp

An OASIS/XACML library for creating XACML-based PHP objects
PHP
36
star
5

usher

Task execution system (general)
PHP
24
star
6

composerclean

An additional command for Composer that removes configured files/directory
PHP
18
star
7

behat-fuel-rest

Behat & FuelPHP Examples for RESTful testing
PHP
18
star
8

modler

A generic model layer for PHP
PHP
15
star
9

frisk

An automated front-end unit testing testing tool written in PHP designed to mimic web requests and evaluate the response
PHP
14
star
10

duoauth

PHP Library for easy integration with Duo Security's Two-Factor REST API
PHP
13
star
11

Agile-ExtJS-ZF

DPC12 ExtJs+ZF Examples
JavaScript
13
star
12

impress-gen

Generator for Markdown to Impress.js Slideshow
PHP
12
star
13

offline-issues

A command-line script to pull the latest issues list from github and cache it locally
PHP
12
star
14

ci

Command-line tool for rapid development with CodeIgniter
10
star
15

h2-json-injection

H2 JSON Header Injection
HTML
10
star
16

pentesting-for-devs

Resources for topics mentioned in the "Pentesting for Developers" training
9
star
17

cmd

Simple tools for command line handling in PHP
PHP
7
star
18

php53-examples

Examples of several new features of PHP 5.3
PHP
6
star
19

jobtrack

JobTrack : A Sample Job Tracking App with FuelPHP + Backbone.js
PHP
5
star
20

backbone-testing

PHP
3
star
21

pv

pv: php objects
PHP
3
star
22

ci-models

CodeIgniter-based ORMish model things
PHP
3
star
23

twilio-auth

An example of sending an SMS through the Twilio API
PHP
3
star
24

phpdeveloper

Source for PHPDeveloper.org
PHP
3
star
25

tfauth

TFAuth is a unified two-factor authentication system (Duo Security, GAuth, Yubikey)
PHP
2
star
26

moviedb

The Movie Database connection PoC
PHP
2
star
27

slim-app-skeleton

A skeleton of a Slim application (with extras)
PHP
2
star
28

datamapper

Data Mapping tool
PHP
2
star
29

adventofcode2022

Solutions for the Advent of Code 2022
PHP
1
star
30

stormpath

Example API interface for the Stormpath user auth REST API
PHP
1
star
31

phpdeveloper-fuel

A Fuel-based version of PHPDeveloper.org
PHP
1
star
32

phpunit-article-3

Code for the SitePoint Unit Testing Article #3
PHP
1
star
33

phpdallas

DallasPHP Website
PHP
1
star
34

slsoap

A Python SOAP Client for the SoftLayer API
Python
1
star
35

travis-ci-ssl

A test repo for Travis-CI SSL testing
PHP
1
star
36

clef

A client for the Clef 2FA service
PHP
1
star
37

frisk-v2

An automated front-end unit testing testing tool written in PHP designed to mimic web requests and evaluate the response. Requires PHP 5.3+
PHP
1
star
38

fuzzing-101-template

The template repository for the Fuzzing 101 course on Learning Lab.
1
star
39

usherapp

Usher website
PHP
1
star
40

enygma

Profile repository
HTML
1
star
41

clonetest

just a test repo
PHP
1
star
42

adventofcode2016

1
star
43

conftrack

A conference tracking system
JavaScript
1
star
44

ar-js-site

A simple web application using AR.js to drop a Pokemon next to you
JavaScript
1
star
45

adventurelib

A PHP port of the Python "adventurelib" text-adventure library
PHP
1
star
46

enygma.github.io

Pages repo
HTML
1
star
47

fetch-team-avatars

Grab the avatars for a team from GitHub and output a Markdown table of their avatars
PHP
1
star
48

code-advent

Code Advent Solutions
PHP
1
star
49

phpdev

Source for the PHPDeveloper.org website
PHP
1
star
50

property-auth

A property-based auth* system using policies
PHP
1
star
51

github-projectv2

A Python package for working with GitHub's Projects API (including V2)
Python
1
star
52

adventofcode2020

Solutions to the 2020 Advent of Code challenges
PHP
1
star