laravel-package-doctor
by satheez
Audit a Laravel project's Composer dependencies for upgrade safety, security, and Laravel compatibility.
laravel-encrypted-route-params
by imran
Encrypt sensitive Laravel route parameters with Crypt and decrypt them before implicit binding.
laravel-security-scanner
by laramint
Laravel-aware security rules for php-security-scanner. Detects Laravel SQL injection (DB::raw, whereRaw), mass assignment, debug/dd leaks, unsafe validators, CSRF bypass, insecure cookies, env exposure, Blade raw echo, open redirect, Http SSRF, Storage/File path traversal, file-upload validation gaps, Auth/Crypt/Artisan/Process/Config injection, view-name injection, session fixation, and Mail header injection.
antibot-laravel
Sistema de detecção e bloqueio de bots, proxies e VPNs para Laravel
laravel-sdk
by soc-warden
SOCWarden security observability SDK for Laravel — detect brute force, impossible travel, credential spray, and more from one API call.
laravel-superadmin
by codenzia
Protected super admin account for Laravel. Zero-config authorization via Gate::before, defense-in-depth Eloquent observer, optional Filament v4 plugin, vendor-only CLI commands with friction controls. Designed for vendor-deployed applications where customer admins must not accidentally delete the vendor's support account.
laravel-shield
by shieldapp
A Laravel package for website health monitoring, IP threat detection, traffic analysis and auto-banning.
health-laravel
Kanbino Health endpoint for Laravel — emits stack profile + extensible probes for uptime + security advisory matching
laravel-anti-xss
by ricventu
Laravel wrapper for voku/anti-xss — Facade, service, validation rule, middleware and Blade directive to sanitize XSS in strings.
laravel-security
by make-dev
Modern security headers for Laravel — turn-key. Strict CSP with per-request nonces and 'strict-dynamic', Subresource Integrity with smart noise filtering, HSTS, Permissions-Policy. An interactive setup wizard asks which third parties you use (GTM, HubSpot, Stripe, reCAPTCHA, and a dozen more) and wires the right directives automatically. First-party violation reporting endpoints, Filament + Livewire + Vite friendly, Vapor-ready. Laravel 11, 12, 13 on PHP 8.2+.
laravel-privilege-manager
by stt196
A robust, security-hardened, and performance-optimized privilege/permission management system for Laravel applications with menu-based access control.
laravel-csw
by paulohps
A Laravel package to monitor Composer dependencies for security vulnerabilities
laravel-securescan
A powerful security scanner for Laravel applications with CLI and web dashboard support to detect vulnerabilities like SQL Injection, XSS, secrets, and misconfigurations.
laravel-bot-guardian
by febryntara
Lightweight Laravel bot protection middleware that detects and blocks automated attacks based on velocity, honeypots, header anomalies, and behavioral patterns.
laravel-fingerprint
by panchodp
Laravel Session theft protection via client fingerprinting — auto-invalidates sessions used from unrecognized devices.
laravel-guarddog
by jaydeep
Laravel GuardDog — Scan your Laravel project for common security vulnerabilities and generate beautiful HTML reports.
laravel-feature-policy
by codebar-ag
Permissions-Policy (Feature-Policy) header builder and middleware for Laravel
laravel-hybrid-encryption
by jjoek
Laravel package for hybrid encryption (RSA-OAEP + AES-256-GCM) for secure API request handling
laravel-guardian
by datalogix
Extensible Laravel authentication package providing actions for login, logout, sign-up, password reset, email verification and related security features.
laravel-ai-aegis
by mrpunyapal
A native, local-first security middleware for the Laravel AI SDK with bidirectional pseudonymization, prompt injection defense, and real-time Pulse telemetry.
laravel-user-is-admin
by lvlup-dev
Laravel package that adds an is_admin column to the users table and provides a middleware to protect admin-only routes.
laravel-cybershield
Enterprise-grade Laravel security package providing WAF firewall protection, rate limiting, bot detection, honeypot traps, IP geo-blocking, CSRF/XSS/SQLi defence, API gateway security, real-time threat monitoring, malware scanning, and a built-in security dashboard — all configurable via a single config file.
laravel-ip-capture
by jeremykenedy
A Laravel package to automatically capture and track IP addresses on Eloquent model actions such as signup, login, update, and deletion.
laravel-security
by salehye
🔥 Advanced Security Package for Laravel 12 - The most comprehensive security solution for Laravel applications
laravel-ai-guard
by jayanta
Protect your Laravel app from AI scrapers, LLM crawlers, and prompt injection attacks
laravel-obfuscator
by smhtet
Reversible identifier obfuscation for Laravel projects (obfuscate locally, deobfuscate on trusted server with same key).
cli
Static analysis CLI and MCP server for Laravel projects — zero dependencies, pure PHP 8.2+
laravel-hack-auditor
by mahdisphp
AI-powered security auditor & CTF generator for Laravel. Watch AI hack your app in 15 seconds.
laravel-threat-detection
by jayanta
Real-time threat detection and security logging for Laravel applications. Detects SQL injection, XSS, DDoS, scanner bots, and more.
laravel-security-headers
Laravel middleware for comprehensive security headers including CSP with nonce support, HSTS, and Permissions-Policy
laravel-fortress
by chuxolab
1, 755 engineering checks for secure, correct, auditable Laravel applications — with git hooks and merge protection
laravel-keyring
by gause
A driver-based secret manager for Laravel — injects secrets from OS keychains into your environment at runtime.
laravel-doctor
by lucas-baggio
CLI agent-like tool that analyzes Laravel projects for architecture, quality, security, documentation and DX
laravel-mfa
by mchuluq
Multi-Factor Authentication package for Laravel with TOTP, Email OTP, and WebAuthn support
laravel-teapot
by aureola
Laravel teapot to trap vulnerability scanners and integrate with fail2ban via HTTP 418
laravel-safeguard
by abdian
Secure file upload validation for Laravel — scans for malware, fake MIME types, malicious scripts, and hidden threats.
laravel-security
by xchimx
A Laravel package for automated monitoring of security vulnerabilities and outdated packages in Composer and NPM dependencies.
multi-tenant-laravel-permissions
by ubxty
A powerful, multi-tenant capable permission handling package for Laravel with role-based access control, wildcard permissions, high-performance caching, and complete domain/subdomain-based tenancy support.
laravel-app-context
by ronu
Multi-channel application context management for Laravel with JWT and API Key authentication