


GitBook Released: Secure Code - PHP

This GitBook serves as a ready-to-use, one-place reference for PHP secure code samples that have been implemented in various sources, frameworks and articles on the web. Copyright and licensing belong to the respective owners. If you would like to use them in your commercial products, make sure you check the source and its licensing terms for compliance.

These code samples may not work as a simple copy-paste. They may require you to include the associated functions in header files.

Detailed explanations of each attack can be found on the OWASP and CWE sites. Hence, this book features only actionable secure code. (In the real world of rushing to meet deadlines in DevOps, developers most of the time don't have time to deep-dive into security.)

In the future, secure code for other languages will be added. Stay tuned.

Despite the word "secure", these functions may still be bypassed or abused.

Happy secure coding,
