This package is useful for the input normalization, before running hardcore IDS/IPS rules. It normalize the inputs to fight against WAF Bypassing techniques using obfuscation or other techniques to hide payloads.
- Usage
- Installation
- Changelog
- Support
- Contributing & Protocols
- Security Vulnerabilities
- Credits
- License
Usage is pretty easy and straightforward:
$value = "select/*!from*/information_schema.columns/*!where*/column_name%20/*!like*/char(37,%20112,%2097,%20115,%20115,%2037)";
// Run all normalizers
$result = (new \Shieldfy\Normalizer\Normalizer($value))->runAll();
echo $result;
// select from information_schema.columns where column_name like char(37, 112, 97, 115, 115, 37) %pass%
// Run single normalizer
$result = (new \Shieldfy\Normalizer\Normalizer($value))->run('comments');Install the package via composer:
composer require shieldfy/normalizerSerialize / Unserialize can be danger due to its ability to convert object and it can be used to preform object injection attack. So explicit normalization not allowed in php version before php 7 thats because php7 offered new options to prevent object serialization see here
Refer to the Changelog for a full history of the project.
The following support channels are available at your fingertips:
Thank you for considering contributing to this project! The contribution guide can be found in CONTRIBUTING.md.
Bug reports, feature requests, and pull requests are very welcome.
If you discover a security vulnerability within this project, please send an e-mail to security@shieldfy.com. All security vulnerabilities will be promptly addressed.
This package is based on the original converters written by Mario Heiderich & Christian Matthies the creators of PHP IDS project with help from the generous security & opensource community.
This software is released under The MIT License (MIT).
(c) 2016 Shieldfy Inc, Some rights reserved.