fate0/prvd: PHP Runtime Vulnerability Detection

Name	Latest commit message	Commit time
Failed to load latest commit information.
artwork	Add dvwa docs	Oct 25, 2018
dvwa	add English README	Feb 12, 2019
src	move PRVD_Fuzzer_Client to shutdown function	Dec 9, 2018
tests	Add more tests	Oct 17, 2018
tools	add php version fuzzer	Dec 6, 2018
.gitignore	Hello World	Oct 16, 2018
.travis.yml	fix travis test error	Feb 12, 2019
Dockerfile	Add dockerfile for prvd	Nov 13, 2018
LICENSE	Hello World	Oct 16, 2018
README.md	Add English README	Feb 11, 2019
README.zh-CN.md	Add English README	Feb 11, 2019
composer.json	fix travis test error	Feb 12, 2019
entrypoint.php	Add dockerfile for prvd	Nov 13, 2018
phpunit.xml	Hello World	Oct 16, 2018
prvd.ini	Add dockerfile for prvd	Nov 13, 2018
test.sh	Hello World	Oct 16, 2018
travis-php.ini	Make it simple	Nov 12, 2018

Type

Name

Latest commit message

Commit time

Failed to load latest commit information.

artwork

Add dvwa docs

Oct 25, 2018

dvwa

add English README

Feb 12, 2019

src

move PRVD_Fuzzer_Client to shutdown function

Dec 9, 2018

tests

Add more tests

Oct 17, 2018

tools

add php version fuzzer

Dec 6, 2018

.gitignore

Hello World

Oct 16, 2018

.travis.yml

fix travis test error

Feb 12, 2019

Dockerfile

Add dockerfile for prvd

Nov 13, 2018

LICENSE

Hello World

Oct 16, 2018

README.md

Add English README

Feb 11, 2019

README.zh-CN.md

Add English README

Feb 11, 2019

composer.json

fix travis test error

Feb 12, 2019

entrypoint.php

Add dockerfile for prvd

Nov 13, 2018

phpunit.xml

Hello World

Oct 16, 2018

prvd.ini

Add dockerfile for prvd

Nov 13, 2018

test.sh

Hello World

Oct 16, 2018

travis-php.ini

Make it simple

Nov 12, 2018

中文文档

Introduction
Installation
Configuration
DVWA
How it work
Ref

Introduction

PHP Runtime Vulnerability Detection

Installation

git clone to a non-web directory, assuming the directory is /data/prvd

git clone https://github.com/fate0/prvd.git /data/prvd

composer

install xmark extension

install xmark

edit php.ini

set auto_prepend_file to /data/prvd/src/Entry.php
set extension to xmark.so
for the rest of the configuration, please copy the contents of prvd.ini in this project

Configuration

edit /data/prvd/src/Config.php

define("PRVD_FUZZER_DSN", "");
define("PRVD_SENTRY_DSN", "");        
define("PRVD_TAINT_ENABLE", true);
define("PRVD_TANZI", "xtanzi");
define("PRVD_LOG_FILE", "/data/prvd/prvd.log");

DVWA

You can use the docker to experience prvd

docker pull fate0/prvd-dvwa
docker run -d -e "PRVD_SENTRY_DSN={YOUR_SENTRY_DSN}" -p 80:80 fate0/prvd-dvwa

The environment variables that can be set are

PRVD_FUZZER_DSN
PRVD_SENTRY_DSN
PRVD_TAINT_ENABLE
PRVD_TANZI

More about prvd-dvwa can be seen here

How it work

PHP Runtime Vulnerability Detection

Ref

xmark

Join GitHub today

Table of Contents

Introduction

Installation

Configuration

DVWA

How it work

Ref