8 Best PHP Security Libraries


For creating a dynamic website PHP is the first choice for the developers. PHP code can be simply mixed with HTML code, or it can be used in combination with various templating engines and web frameworks.In this post we have put together a list of 8 Best PHP Security Libraries which will help the PHP developers to create security interfaces for web applications.

Best PHP Security Libraries 

OWASP PHP Security Library

It contains a sample framework to demonstrate proper usage of the tools and libraries, as well as guidelining new PHP projects. It can also be easily merged with existing PHP code, because it is both decoupled and flexible. Proper usage of PHPSEC will result in the target system being much more secure.


  • Basic Password Library
  • Advance Password Library
  • User Library and Management
  • Crypto Library
  • Password Library
  • Database Library
  • Download Manager Library
  • HTTP Library
  • Tainted Library
  • Logs Library


View Details


PHP Password Lib

PHP Password Lib is a library for generating and validating passwords.It aims to be an all-inclusive cryptographic library for all cryptographic needs. It is meant to be easy to install and use, yet extensible and powerful enough for even the most experienced developer.


View Details


HTML Purifier

HTML Purifier is a standards-compliant HTML filter library written in PHP. HTML Purifier will not only remove all malicious code (better known as XSS) with a thoroughly audited, secure yet permissive whitelist, it will also make sure your documents are standards compliant, something only achievable with a comprehensive knowledge of W3C‘s specifications.


View Details


Security Check – Sensiolabs

The SensioLabs security advisories checker is a simple tool, available as a web service or as an online application, that uses the information from your composer.lock file to check for known security vulnerabilities. This checker is a frontend for the security advisories database.


View Details


Hybrid Auth

HybridAuth enable developers to easily build social applications to engage websites vistors and customers on a social level by implementing social signin, social sharing, users profiles, friends list, activities stream, status updates and more.

HybridAuth goal is to act as an abstract api between your application and various social apis and identities providers such as Facebook, Twitter and Google.


View Details


PHP Login Project

PHP-login Project is a script for adding authentication to your PHP projects.


View Details


PHP Intrusion Detection System


View Details



TCrypto is a simple and flexible PHP 5.3+ in-memory key-value storage library. By default, a cookie will be used as a storage backend.

TCrypto has been designed from the ground up with security in mind. Safe algorithms and modes. Automatic and safe initialization vector creation. Encryption and authentication key creation (Keytool) using strong randomness. Key rotation (versioned keys).


View Details


  1. 1
  2. 3

Leave a Reply