irfanokr/laravel-secure-bridge
Signed, timestamped, replay-protected and optionally AES-256-GCM-encrypted request/response bridge between a JavaScript front-end (SPA or Blade + AJAX) and a Laravel API. Framework-agnostic JS client. Works on Laravel 5.5 through 12 and PHP 7.1+.
时间:2026-06-02 09:49
baspa/larascan
A security-focused static analysis package for Laravel applications
时间:2026-06-02 09:09
pushword/api
REST API mirror of the Pushword admin (Page, Media, …). Token-authenticated, OpenAPI-described.
时间:2026-06-01 09:42
rasuvaeff/domain-monitor
Domain monitoring toolkit for HTTP, SSL, WHOIS, DNS, ports, security headers, robots.txt, and sitemaps.
时间:2026-06-01 06:08
k2gl/tuf
The Update Framework (TUF) client for PHP: a minimal, fail-closed metadata verifier and updater for securely distributed trust roots, such as Sigstore's.
时间:2026-06-01 02:06
jeffersongoncalves/secure-lock-cli
CLI tool to audit project dependencies (Composer & npm) for known vulnerabilities and tell whether an available update actually leaves the vulnerable range.
时间:2026-06-01 00:20
linkshieldai/linkshieldai
PHP SDK for the LinkShieldAI URL safety API.
时间:2026-05-31 07:02
kirchdev/laravel-device-sessions
Device-bound login sessions for Laravel: per-device remember-me tokens, a "where am I signed in" device list, and revoke/rename — privacy-respecting and Fortify-agnostic.
时间:2026-05-30 19:10
k2gl/sigstore-verify
Offline, fail-closed PHP verifier for Sigstore bundles: Fulcio certificate chain, DSSE or message signature, Rekor v1/v2 transparency-log proof, RFC 3161 timestamp, certificate transparency and identity policy. Passes the official sigstore-conformance suite.
时间:2026-05-30 13:19
tiime/monolog-masker
A lightweight, zero-dependency Monolog processor to keep sensitive data and secrets out of your logs.
时间:2026-05-29 15:53
larafleet/agent
Laravel monitoring agent for LaraFleet – sends heartbeats with version, security advisory, queue, and uptime data.
时间:2026-05-28 06:51
oihana/php-middleware
Composable PHP middleware helpers — security headers (HSTS, CSP, X-Frame-Options, Referrer-Policy, X-Content-Type-Options), CORS with preflight, CSRF, request-id, maintenance mode, rate limiting. PSR-7 compatible, zero magic strings.
时间:2026-05-27 10:20
openwpsecurity/core
Shared HTTP, database, admin, and security infrastructure for OpenWPSecurity plugins.
时间:2026-05-26 05:29
webpatser/resonate-token-auth
Token-based subscription auth for Resonate: skip /broadcasting/auth for mobile and S2S clients with a JWT
时间:2026-05-25 15:49