PHP code example of mohamedhekal / laravel-vulnerability-audit

1. Go to the download page and download the mohamedhekal/laravel-vulnerability-audit library. Choose the download type "require".

2. Extract the ZIP file and open the index.php.

3. Add this code to the index.php.
    
        
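<?php
// Load the Composer autoloader that ships in the extracted archive.
// The path is anchored to __DIR__ so the include does not depend on the
// current working directory or include_path; a relative 'vendor/autoload.php'
// can resolve to a different file when the script is started from elsewhere.
// Everything under vendor/ runs with this application's privileges, so check
// the archive's contents against the package's published source before use.
require_once __DIR__ . '/vendor/autoload.php';

/* Start to develop here. Best regards https://php-download.com/ */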

    

mohamedhekal / laravel-vulnerability-audit example snippets


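// Sample configuration for the audit package: which scanners run, who is
// notified, and where reports are stored.
return [
    'scanners' => [
        'password' => [
            'enabled' => true,
            // NOTE(review): the unit of min_strength (length vs. strength score)
            // is not shown on this page — confirm before treating 8 as a policy.
            'min_strength' => 8,
            'check_common_passwords' => true,
        ],
        'environment' => [
            'enabled' => true,
            // NOTE(review): strict_mode is off in this sample; what it tightens
            // is not documented here — confirm before relying on the default.
            'strict_mode' => false,
        ],
        'database' => [
            'enabled' => true,
            'check_timestamps' => true,
            'check_soft_deletes' => true,
        ],
        'packages' => [
            'enabled' => true,
            'check_updates' => true,
            // Composer package names; presumably these are the packages whose
            // outdated versions are reported with priority — confirm.
            'critical_packages' => ['laravel/framework', 'symfony/console'],
        ],
        'permissions' => [
            'enabled' => true,
            // Paths whose permissions are checked; presumably resolved relative
            // to the application base path — confirm.
            'sensitive_files' => ['.env', 'storage', 'logs'],
        ],
    ],

    'notifications' => [
        'enabled' => true,
        'channels' => ['mail', 'slack'],
        // Constructed placeholder: the address on the page was mangled by e-mail
        // obfuscation and was not deliverable. Audit findings describe weaknesses
        // in this application, so point this at a mailbox limited to the people
        // who handle security issues.
        'recipients' => ['security-team@example.com'],
    ],

    'reporting' => [
        'save_reports' => true,
        // storage_path() resolves inside the application's storage directory.
        // Keep this directory off any public disk or web-served symlink: saved
        // reports list the issues the scanners found.
        'report_path' => storage_path('security-reports'),
        'retention_days' => 30,
    ],
];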

use MohamedHekal\LaravelVulnerabilityAudit\Services\SecurityAuditService;

// Resolve the audit service from Laravel's service container.
$auditService = app(SecurityAuditService::class);

// Run all scanners
// NOTE(review): the result presumably holds the findings for this application;
// treat it as sensitive and keep it out of HTTP responses and shared logs.
$results = $auditService->runFullAudit();

// Run specific scanner
// 'password' is one of the scanner keys used in the sample configuration.
$passwordResults = $auditService->runScanner('password');

// Get audit summary
// NOTE(review): whether the summary depends on a prior runFullAudit() call is
// not shown here — confirm before reordering these calls.
$summary = $auditService->getAuditSummary();

// In your routes/web.php
// Both pages display audit findings, so the whole group requires an
// authenticated user ('auth') and an additional 'admin' check.
// NOTE(review): 'admin' is not a middleware alias that Laravel ships; the
// application has to register it. SecurityAuditController also needs a `use`
// import that this snippet does not show.
Route::group(['middleware' => ['auth', 'admin']], function () {
    $controller = SecurityAuditController::class;

    Route::get('/security-audit', [$controller, 'dashboard']);
    Route::get('/security-audit/reports', [$controller, 'reports']);
});

namespace App\Security\Scanners;

use MohamedHekal\LaravelVulnerabilityAudit\Contracts\SecurityScanner;

/**
 * Example of a user-defined scanner plugged in through the SecurityScanner
 * contract.
 *
 * As written it always reports the same hard-coded warning; a real scanner
 * should derive status and severity from an actual check, otherwise the
 * report carries a permanent finding that teaches readers to ignore it.
 */
class CustomSecurityScanner implements SecurityScanner
{
    /**
     * Produce a single finding.
     *
     * @return array{name: string, status: string, message: string, recommendation: string, severity: string}
     */
    public function scan(): array
    {
        $finding = [];

        $finding['name'] = 'Custom Security Check';
        $finding['status'] = 'warning';
        $finding['message'] = 'Custom security issue detected';
        $finding['recommendation'] = 'Implement custom security measure';
        $finding['severity'] = 'medium';

        return $finding;
    }
}

// Registers the custom scanner by its fully qualified class name.
// NOTE(review): the enclosing array is not shown; presumably this key belongs
// in the package's published configuration — confirm its exact location.
'custom_scanners' => [
    \App\Security\Scanners\CustomSecurityScanner::class,
],

// In your notification class
use MohamedHekal\LaravelVulnerabilityAudit\Notifications\SecurityAuditNotification;

/**
 * Slack-flavoured audit notification built on the package's
 * SecurityAuditNotification base class.
 *
 * NOTE(review): this snippet shows no import for SlackMessage; the file using
 * it must bring that class into scope.
 */
class SecurityAlert extends SecurityAuditNotification
{
    /**
     * Build the Slack message: an error-level headline plus one attachment
     * that carries $this->auditResults.
     *
     * NOTE(review): the audit results are posted as-is. They describe open
     * weaknesses in the application, so the receiving channel should be
     * restricted, or the attachment reduced to a summary that links to an
     * access-controlled report. The type of auditResults is not visible here;
     * confirm it is a string before passing it to content().
     */
    public function toSlack($notifiable)
    {
        $message = new SlackMessage();
        $message->error();
        $message->content('Security audit completed with issues detected!');

        $message->attachment(function ($attachment) {
            $attachment->title('Security Issues');
            $attachment->content($this->auditResults);
        });

        return $message;
    }
}

// In app/Console/Kernel.php
/**
 * Register the recurring security tasks with Laravel's scheduler.
 *
 * NOTE(review): times are evaluated in the scheduler's timezone (the
 * application timezone unless overridden) — confirm this matches the
 * intended quiet hours.
 */
protected function schedule(Schedule $schedule)
{
    // Nightly scan at 02:00. withoutOverlapping() keeps a new run from
    // starting while the previous scan is still executing.
    $nightlyScan = $schedule->command('security:scan');
    $nightlyScan->dailyAt('02:00')->withoutOverlapping();

    // HTML report every Sunday (day 0) at 09:00.
    $weeklyReport = $schedule->command('security:report --format=html');
    $weeklyReport->weeklyOn(0, '09:00');
}
bash
# Publish the assets this service provider registers (normally the package's
# config file) into the application so they can be edited.
php artisan vendor:publish --provider="MohamedHekal\LaravelVulnerabilityAudit\LaravelVulnerabilityAuditServiceProvider"
bash
# Run the audit on demand; this is the same command the scheduler example
# runs nightly.
php artisan security:scan
bash
# Generate a report in the chosen format.
# NOTE(review): the output location is presumably the configured report_path —
# confirm, and treat the generated files as sensitive.
php artisan security:report --format=html
php artisan security:report --format=pdf
bash
# NOTE(review): this page does not describe what the command changes; check
# `php artisan help security:schedule` before running it.
php artisan security:schedule