shieldfy/normalizer

This package is useful for the input normalization, before running hardcore IDS/IPS rules. It normalize the inputs to fight against WAF Bypassing techniques using obfuscation or other techniques to hide payloads.

Maintainers

Details

github.com/shieldfy/normalizer

Source

Issues

Installs: 1 410

Dependents: 2

Suggesters: 0

Security: 0

Stars: 8

Watchers: 8

Forks: 1

Open Issues: 1

1.0.4 2017-04-16 09:27 UTC

Requires

MIT 415dae07f13142e97106b3fa6d35c759da99774f

  • Shieldfy Inc. <team.woop@shieldfy.com>
  • Eslam Salem <eslam.woop@shieldfy.com>

securityfirewallapplicationdetectionidsobfuscationnormalizeattackbypassipsshieldfy

This package is not auto-updated.

Last update: 2024-04-13 23:30:57 UTC

README

This package is useful for the input normalization, before running hardcore IDS/IPS rules. It normalize the inputs to fight against WAF Bypassing techniques using obfuscation or other techniques to hide payloads.

Packagist VersionEye Dependencies Scrutinizer Code Quality Code Climate License

Table Of Contents

Usage

Usage is pretty easy and straightforward:

$value = "select/*!from*/information_schema.columns/*!where*/column_name%20/*!like*/char(37,%20112,%2097,%20115,%20115,%2037)";

// Run all normalizers
$result = (new \Shieldfy\Normalizer\Normalizer($value))->runAll();
echo $result;
// select from information_schema.columns where column_name like char(37, 112, 97, 115, 115, 37) %pass%

// Run single normalizer
$result = (new \Shieldfy\Normalizer\Normalizer($value))->run('comments');

Installation

Install the package via composer:

composer require shieldfy/normalizer

note about serialization

Serialize / Unserialize can be danger due to its ability to convert object and it can be used to preform object injection attack. So explicit normalization not allowed in php version before php 7 thats because php7 offered new options to prevent object serialization see here

Changelog

Refer to the Changelog for a full history of the project.

Support

The following support channels are available at your fingertips:

Contributing & Protocols

Thank you for considering contributing to this project! The contribution guide can be found in CONTRIBUTING.md.

Bug reports, feature requests, and pull requests are very welcome.

Security Vulnerabilities

If you discover a security vulnerability within this project, please send an e-mail to security@shieldfy.com. All security vulnerabilities will be promptly addressed.

Credits

This package is based on the original converters written by Mario Heiderich & Christian Matthies the creators of PHP IDS project with help from the generous security & opensource community.

License

This software is released under The MIT License (MIT).

(c) 2016 Shieldfy Inc, Some rights reserved.