tikiwiki/packages/tiki-pkg-expose/enygma/expose
2023-11-20 20:52:04 +00:00
..
bin Update: Tiki 26 path 2023-11-20 20:52:04 +00:00
docs Update: Tiki 26 path 2023-11-20 20:52:04 +00:00
src/Expose Update: Tiki 26 path 2023-11-20 20:52:04 +00:00
tests Update: Tiki 26 path 2023-11-20 20:52:04 +00:00
.gitignore Update: Tiki 26 path 2023-11-20 20:52:04 +00:00
.travis.yml Update: Tiki 26 path 2023-11-20 20:52:04 +00:00
composer.json Update: Tiki 26 path 2023-11-20 20:52:04 +00:00
LICENSE Update: Tiki 26 path 2023-11-20 20:52:04 +00:00
phpunit.xml.dist Update: Tiki 26 path 2023-11-20 20:52:04 +00:00
README.md Update: Tiki 26 path 2023-11-20 20:52:04 +00:00
travis-config.ini Update: Tiki 26 path 2023-11-20 20:52:04 +00:00

Expose: an IDS for PHP

Build Status Insight Rating

Expose is an Intrusion Detection System for PHP loosely based on the PHPIDS project (and using its ruleset for detecting potential threats).

ALL CREDIT for the rule set for Expose goes to the PHPIDS project. Expose literally uses the same JSON configuration for its execution. I am not claiming any kind of ownership or authorship of these rules. Please see the PHPIDS github README for names of those who have contributed.

NOTE: An IDS system should not be relied upon for sole protection in your environment! It should only be used in the first level of threat identification. Please read up on "Defense in Depth" for more information on a layered security approach.

Quick Install

  1. Install Composer:

    curl -s https://getcomposer.org/installer | php
    
  2. Require Expose as a dependency using Composer:

    php composer.phar require enygma/expose
    
  3. Install Expose:

    php composer.phar install
    

Example Usage

<?php
require 'vendor/autoload.php';

$data = array(
    'POST' => array(
        'test' => 'foo',
        'bar' => array(
            'baz' => 'quux',
            'testing' => '<script>test</script>'
        )
    )
);

$filters = new \Expose\FilterCollection();
$filters->load();

//instantiate a PSR-3 compatible logger
$logger = new \Expose\Log\Mongo();

$manager = new \Expose\Manager($filters, $logger);
$manager->run($data);

echo 'impact: '.$manager->getImpact()."\n"; // should return 8

// get all matching filter reports
$reports = $manager->getReports();
print_r($reports);

// export out the report in the given format ("text" is default)
echo $manager->export();
echo "\n\n";

Full Documentation

Full (current) documentation for Expose can be found here: ReadTheDocs for Expose

If you're curious as to the importance of application-level intrusion detection, check out this article on the OWASP site.

Feel free to contact me with questions or how you can help the project!

@author Chris Cornutt ccornutt@phpdeveloper.org

Bitdeli Badge