Ultra lightweight, dependency free and standalone JSON web token (JWT) library for PHP5.6 to PHP8.4+. This library makes JWT a cheese. It is a minimal JWT integration for PHP.

Lightweight, fast, and secure TOTP (2FA) authentication library for PHP — battle tested, dependency free, and ready for enterprise integration.

A companion project for our blog post describing how to secure public APIs client-side.

😎 Succeeding with application security

Quickstart Approov integration example for the PHP Laravel framework

Quickstart Approov integration example for PHP without depending on a framework.

Advanced OAuth2 token monitoring, threat detection & forensics for Laravel Passport. Track tokens, detect brute-force attacks, analyze client activity from CLI.

High-performance multi-driver rate limiting library (Redis, MongoDB, MySQL) with exponential backoff, global IP limits, and PSR middleware integration for enterprise-grade API protection

PHP library for interfacing with APIs that implement hmac signatures

A security PoC demonstrating how a public form with an embedded API key can bypass backend authentication, allowing attackers to access protected Express endpoints without credentials.

Zero-config PSR-15 JWT authentication middleware. Supports HS256/RS256, Bearer/custom headers, optional user loading, and scope validation. Framework-agnostic with sensible defaults