Thursday, January 22, 2009

PHPIDS: Attack Me, Please!

Of the many projects I've had the pleasure of reviewing for toolsmith over the past few years, one of my absolute favorites is PHPIDS.
PHPIDS (PHP Intrusion Detection System) is a simple-to-use, well-structured, fast and state-of-the-art security layer for your PHP-based web application.
The IDS neither strips, sanitizes nor filters any malicious input; it simply recognizes when an attacker tries to break your site and reacts in exactly the way you want it to.
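To make the detect-don't-filter model concrete, here is an added example of wiring PHPIDS in front of a PHP application. It is example code written for this post, not the project's own example file; it uses the public 0.5.x/0.6 API (IDS_Init, IDS_Monitor, IDS_Report, IDS_Log_File) and assumes the PHPIDS lib directory sits beside the script. The impact threshold of 20 is a locally chosen policy value, not a PHPIDS default.

```php
<?php
// Added example: PHPIDS as a detection layer in front of a PHP application.
// PHPIDS only scores the request; what happens next is the application's choice.
// Assumptions: the PHPIDS "lib" directory sits next to this file, and the
// block threshold (20) is an example policy value, not a PHPIDS default.

set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/lib');
require_once 'IDS/Init.php';
require_once 'IDS/Monitor.php';
require_once 'IDS/Log/File.php';

define('IDS_BLOCK_THRESHOLD', 20); // example-specific policy value

// Collect the input sources PHPIDS should inspect. Nothing here is modified.
$request = array(
    'REQUEST' => $_REQUEST,
    'GET'     => $_GET,
    'POST'    => $_POST,
    'COOKIE'  => $_COOKIE,
);

$init   = IDS_Init::init(dirname(__FILE__) . '/lib/IDS/Config/Config.ini');
$ids    = new IDS_Monitor($request, $init);
$result = $ids->run();   // IDS_Report: one event per suspicious parameter

if (!$result->isEmpty()) {
    // Record the event to the file logger regardless of what we decide to do.
    IDS_Log_File::getInstance($init)->execute($result);

    $impact = $result->getImpact();              // summed score of all matched filters
    $tags   = implode(',', $result->getTags());  // e.g. "xss" or "sqli,id"

    if ($impact >= IDS_BLOCK_THRESHOLD) {
        // Local policy: refuse the request. The input itself is left untouched.
        header('HTTP/1.1 400 Bad Request');
        error_log("PHPIDS impact=$impact tags=$tags: request refused");
        exit;
    }

    // Below threshold: let the application run, but keep the report around
    // so the page can warn the user or the session can be flagged for review.
    $GLOBALS['phpids_report'] = $result;
}

// ... normal application code continues here; $_GET/$_POST are unchanged.
```

The point of the design is visible in the last line: the request data reaches the application exactly as it arrived. PHPIDS tells you the impact score and which filter tags matched, and the threshold, the logger and the response are all yours to set.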

More specifically, PHPIDS enables you to see who is attacking your site and how, and all without the tedious trawling of logfiles or searching hacker forums for your domain.
PHPIDS is subject to minor releases every few months, and the release of 0.5.4 (the last minor release before 0.6) just before Christmas reminded me to invite you, dear reader, to kick the crap out of it.
Give it all you've got, beat on it. Really. That's the idea.
The PHPIDS Demo Smoketest will test how 1337 your mad web app testing skills are and give you a grade for overall impact, just like in school...the school of XSS, the school of leetness, the interlocutor of insertion.
So enjoy, and see what you've got in the way of evasive techniques and pwnage prowess.
I can see it now...I pass and receive an overall impact rating of 54. "Wow!", I say. "That's got to be as good as something Gareth Heyes might utilize to circumvent the centrifuge!"
To which David Ross says "Hah! I know Gareth Heyes, and you sir, are no Gareth Heyes!"
*sigh* I feel so inadequate. Life as a white hat script kiddie is teh sux0r.

Enjoy. ;-)
Should you wish to read my article on PHPIDS, from the July 2008 ISSA Journal, it's here.

Most importantly: PHP web app developers and site operators one and all: give PHPIDS a close look and consider utilizing it to improve your offering's security. I promise you, you'll quickly learn where your code passes muster and where it doesn't.