566E PHP包仓库
首页 包列表 提交包 常见问题 关于

m9nx/laravel-runtime-guard 问题修复 & 功能扩展

解决BUG、新增功能、兼容多环境部署,快速响应你的开发需求

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

m9nx/laravel-runtime-guard

最新稳定版本:1.0.0

Composer 安装命令:

composer require m9nx/laravel-runtime-guard

包简介

A security-focused runtime monitoring and guard layer for Laravel applications

关键字:

# security # monitoring # laravel # xss # protection # runtime # guard # sql-injection

README 文档

README

Packagist Downloads License

Enterprise-grade runtime security inspection for Laravel applications.

RuntimeGuard provides a comprehensive, extensible framework for runtime security monitoring. Unlike static analyzers, it inspects actual data flowing through your application in real-time, detecting threats before they can cause damage.

Table of Contents

Features

Security Guards

  • SQL Injection — UNION attacks, boolean-based, time-based, stacked queries
  • XSS Detection — Script tags, event handlers, DOM-based XSS, encoded payloads
  • Command Injection — Shell metacharacters, command chaining, path traversal
  • SSRF Protection — Internal IPs, cloud metadata endpoints, DNS rebinding
  • NoSQL Injection — MongoDB operators, JSON-encoded attacks
  • Mass Assignment — Dangerous field protection
  • GraphQL Security — Query depth limits, complexity analysis
  • JWT/Token Abuse — Algorithm confusion, replay attacks, JKU injection
  • Bot Detection — Behavioral analysis, honeypot integration
  • Session Integrity — Fingerprint drift, geolocation jumps

Performance

  • Tiered inspection (quick scan + deep analysis)
  • LRU deduplication cache
  • Request sampling
  • Bloom filter pre-screening
  • Lazy guard resolution
  • Streaming inspection for large payloads
  • Async guard execution with PHP Fibers

Enterprise Features

  • ML-powered anomaly detection
  • Multi-tenant security isolation
  • Real-time metrics (Prometheus-compatible)
  • SIEM integration (Splunk, ELK, Datadog)
  • WAF rule export (AWS WAF, Cloudflare, ModSecurity)
  • Threat intelligence feeds
  • Compliance reporting (PCI-DSS, OWASP Top 10)

Requirements

  • PHP 8.1+
  • Laravel 10.0+ or 11.0+

Installation

composer require m9nx/laravel-runtime-guard

Publish the configuration:

php artisan vendor:publish --tag=runtime-guard-config

For database reporting (optional):

php artisan vendor:publish --tag=runtime-guard-migrations
php artisan migrate

Quick Start

Basic Usage

use M9nx\RuntimeGuard\Facades\RuntimeGuard;

// Inspect input with all enabled guards
$results = RuntimeGuard::inspect($userInput);

// Check if threat was detected
if ($results->hasThreat()) {
    Log::warning('Threat detected', [
        'level' => $results->getHighestThreatLevel()->value,
        'guards' => $results->getTriggeredGuards(),
    ]);
}

// Inspect with a specific guard
$result = RuntimeGuard::inspectWith('sql-injection', $userInput);

Controller Trait

use M9nx\RuntimeGuard\Traits\InspectsInput;

class FormController extends Controller
{
    use InspectsInput;

    public function submit(Request $request)
    {
        $this->inspectRequest($request);
        
        // Or inspect specific fields only
        $this->inspectRequestFields(['name', 'email', 'message']);
    }
}

PHP Attributes

use M9nx\RuntimeGuard\Attributes\GuardProfile;
use M9nx\RuntimeGuard\Attributes\SkipGuard;

class AdminController extends Controller
{
    #[GuardProfile('admin')]
    public function sensitiveAction()
    {
        // Uses 'admin' profile with stricter rules
    }

    #[SkipGuard(['xss'])]
    public function richTextEditor()
    {
        // XSS guard skipped for this endpoint
    }
}

Configuration

// config/runtime-guard.php

return [
    'enabled' => env('RUNTIME_GUARD_ENABLED', true),
    'mode' => env('RUNTIME_GUARD_MODE', 'log'), // 'block', 'log', 'silent'
    
    'pipeline' => [
        'strategy' => 'short_circuit', // 'full', 'short_circuit', 'threshold'
        'tiered' => true,
    ],

    'guards' => [
        'sql-injection' => ['enabled' => true, 'priority' => 100],
        'xss' => ['enabled' => true, 'priority' => 90],
        'command-injection' => ['enabled' => true, 'priority' => 95],
        // ... more guards
    ],

    'profiles' => [
        'api' => [
            'guards' => ['sql-injection', 'command-injection'],
            'mode' => 'log',
        ],
        'admin' => [
            'guards' => '*',
            'mode' => 'block',
        ],
    ],
];

Security Guards

Guard Description Default Priority
sql-injection SQL injection patterns 100
command-injection Shell command injection 95
xss Cross-site scripting 90
deserialization Unsafe deserialization 92
nosql-injection NoSQL/MongoDB injection 88
file-operation Path traversal, file inclusion 85
ssrf Server-side request forgery 80
mass-assignment Dangerous field assignment 75
graphql GraphQL abuse prevention 70
jwt JWT/Token attacks 65
bot-behavior Bot/automation detection 60
session-integrity Session hijacking detection 55
anomaly Behavioral anomaly detection 50

Middleware Usage

// routes/web.php

// Apply to specific routes
Route::middleware(['runtime-guard'])->group(function () {
    Route::post('/submit', [FormController::class, 'submit']);
});

// With a specific profile
Route::middleware(['runtime-guard:admin'])->group(function () {
    Route::resource('/admin/users', AdminUserController::class);
});

Artisan Commands

# List all registered guards
php artisan runtime-guard:list

# Test a guard with sample input
php artisan runtime-guard:test sql-injection "1' OR '1'='1"

# Check system status
php artisan runtime-guard:status

# Toggle guards at runtime
php artisan runtime-guard:toggle sql-injection --disable

# Generate a new custom guard
php artisan runtime-guard:make-guard CustomGuard

# Run security audit
php artisan runtime-guard:security-audit

Testing

RuntimeGuard provides testing utilities for your application tests:

use M9nx\RuntimeGuard\Facades\RuntimeGuard;

class SecurityTest extends TestCase
{
    public function test_sql_injection_is_detected(): void
    {
        $fake = RuntimeGuard::fake();
        
        $this->post('/api/search', ['query' => "1' OR '1'='1"]);
        
        $fake->assertThreatDetected();
        $fake->assertGuardTriggered('sql-injection');
    }

    public function test_clean_input_passes(): void
    {
        $fake = RuntimeGuard::fake();
        
        $this->post('/api/search', ['query' => 'normal search']);
        
        $fake->assertNoThreatsDetected();
    }
}

Documentation

Document Description
Architecture Internal architecture and component overview
Features Complete feature list and capabilities
Changelog v4.0 What's new in version 4.0
Contributing Contribution guidelines
Security Policy Security reporting procedures

Contributing

Contributions are welcome! Please see CONTRIBUTING.md for details.

# Development setup
composer install
composer test
composer analyse

Security

If you discover a security vulnerability, please send an email to the maintainer instead of using the issue tracker. See SECURITY.md for details.

Credits

License

The MIT License (MIT). See LICENSE for more information.

统计信息

  • 总下载量: 0
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 2
  • 点击次数: 3
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 1
  • Watchers: 1
  • Forks: 0
  • 开发语言: PHP
访问仓库

其他信息

  • 授权协议: MIT
  • 更新时间: 2026-01-06

承接程序开发

PHP开发

VUE

Vue开发

前端开发

小程序开发

公众号开发

系统定制

数据库设计

云部署

网站建设

安全加固