2017 © Pedro Peláez
 

library normalizer

This package is useful for the input normalization, before running hardcore IDS/IPS rules. It normalize the inputs to fight against WAF Bypassing techniques using obfuscation or other techniques to hide payloads.

image

shieldfy/normalizer

This package is useful for the input normalization, before running hardcore IDS/IPS rules. It normalize the inputs to fight against WAF Bypassing techniques using obfuscation or other techniques to hide payloads.

  • Sunday, April 16, 2017
  • by shieldfy
  • Repository
  • 8 Watchers
  • 7 Stars
  • 762 Installations
  • PHP
  • 2 Dependents
  • 0 Suggesters
  • 2 Forks
  • 1 Open issues
  • 6 Versions
  • 17 % Grown

The README.md

Shieldfy Normaizer

This package is useful for the input normalization, before running hardcore IDS/IPS rules. It normalize the inputs to fight against WAF Bypassing techniques using obfuscation or other techniques to hide payloads., (*1)

Packagist VersionEye Dependencies Scrutinizer Code Quality Code Climate License, (*2)

Table Of Contents

Usage

Usage is pretty easy and straightforward:, (*3)

$value = "select/*!from*/information_schema.columns/*!where*/column_name%20/*!like*/char(37,%20112,%2097,%20115,%20115,%2037)";

// Run all normalizers
$result = (new \Shieldfy\Normalizer\Normalizer($value))->runAll();
echo $result;
// select from information_schema.columns where column_name like char(37, 112, 97, 115, 115, 37) %pass%

// Run single normalizer
$result = (new \Shieldfy\Normalizer\Normalizer($value))->run('comments');

Installation

Install the package via composer:, (*4)

composer require shieldfy/normalizer

note about serialization

Serialize / Unserialize can be danger due to its ability to convert object and it can be used to preform object injection attack. So explicit normalization not allowed in php version before php 7 thats because php7 offered new options to prevent object serialization see here, (*5)

Changelog

Refer to the Changelog for a full history of the project., (*6)

Support

The following support channels are available at your fingertips:, (*7)

Contributing & Protocols

Thank you for considering contributing to this project! The contribution guide can be found in CONTRIBUTING.md., (*8)

Bug reports, feature requests, and pull requests are very welcome., (*9)

Security Vulnerabilities

If you discover a security vulnerability within this project, please send an e-mail to security@shieldfy.com. All security vulnerabilities will be promptly addressed., (*10)

Credits

This package is based on the original converters written by Mario Heiderich & Christian Matthies the creators of PHP IDS project with help from the generous security & opensource community., (*11)

License

This software is released under The MIT License (MIT)., (*12)

(c) 2016 Shieldfy Inc, Some rights reserved., (*13)

The Versions

16/04 2017

dev-master

9999999-dev

This package is useful for the input normalization, before running hardcore IDS/IPS rules. It normalize the inputs to fight against WAF Bypassing techniques using obfuscation or other techniques to hide payloads.

  Sources   Download

MIT

The Requires

 

by Shieldfy Inc.
by Eslam Salem

security application firewall ids detection attack obfuscation bypass normalize ips shieldfy

16/04 2017

1.0.4

1.0.4.0

This package is useful for the input normalization, before running hardcore IDS/IPS rules. It normalize the inputs to fight against WAF Bypassing techniques using obfuscation or other techniques to hide payloads.

  Sources   Download

MIT

The Requires

 

by Shieldfy Inc.
by Eslam Salem

security application firewall ids detection attack obfuscation bypass normalize ips shieldfy

01/04 2017

1.0.3

1.0.3.0

This package is useful for the input normalization, before running hardcore IDS/IPS rules. It normalize the inputs to fight against WAF Bypassing techniques using obfuscation or other techniques to hide payloads.

  Sources   Download

MIT

The Requires

 

by Shieldfy Inc.
by Eslam Salem

security application firewall ids detection attack obfuscation bypass normalize ips shieldfy

01/02 2017

1.0.2

1.0.2.0

This package is useful for the input normalization, before running hardcore IDS/IPS rules. It normalize the inputs to fight against WAF Bypassing techniques using obfuscation or other techniques to hide payloads.

  Sources   Download

MIT

The Requires

 

by Shieldfy Inc.
by Eslam Salem

security application firewall ids detection attack obfuscation bypass normalize ips shieldfy

29/11 2016

1.0.1

1.0.1.0

This package is useful for the input normalization, before running hardcore IDS/IPS rules. It normalize the inputs to fight against WAF Bypassing techniques using obfuscation or other techniques to hide payloads.

  Sources   Download

MIT

The Requires

 

by Shieldfy Inc.
by Eslam Salem

security application firewall ids detection attack obfuscation bypass normalize ips shieldfy

27/11 2016

1.0.0

1.0.0.0

input normalization package

  Sources   Download

MIT

The Requires

 

The Development Requires

by Shieldfy Inc.
by Eslam Salem

security detection normalize shieldfy