PHPackages fate0/prvd - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. fate0/prvd ActiveProject[Security](/categories/security) fate0/prvd ========== PHP Runtime Vulnerability Detection 480168[1 issues](https://github.com/fate0/prvd/issues)PHPCI failing Since May 25Pushed 6y ago10 watchersCompare [ Source](https://github.com/fate0/prvd)[ Packagist](https://packagist.org/packages/fate0/prvd)[ RSS](/packages/fate0-prvd/feed)WikiDiscussions master Synced 3d ago READMEChangelogDependenciesVersions (1)Used By (0) prvd ==== [](#prvd) [![Build Status](https://camo.githubusercontent.com/4dc7c5452fdc884a0c014972cb2ea9d8b409189272d36e09e2c7eb8d7db50774/68747470733a2f2f7472617669732d63692e6f72672f66617465302f707276642e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/fate0/prvd)[![GitHub](https://camo.githubusercontent.com/a07f3bc265d0671dab68dcd9096d74cd0e666ba789e6bbb4e6698c95849a2a27/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c6963656e73652f66617465302f707276642e737667)](https://camo.githubusercontent.com/a07f3bc265d0671dab68dcd9096d74cd0e666ba789e6bbb4e6698c95849a2a27/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c6963656e73652f66617465302f707276642e737667) [中文文档](https://github.com/fate0/prvd/blob/master/README.zh-CN.md) ### Table of Contents [](#table-of-contents) - [Introduction](#introduction) - [Installation](#installation) - [Configuration](#configuration) - [DVWA](#dvwa) - [How it work](#how-it-work) - [Ref](#ref) ### Introduction [](#introduction) PHP Runtime Vulnerability Detection [![sentry_detail](https://raw.githubusercontent.com/fate0/prvd/master/artwork/sentry_detail.png)](https://raw.githubusercontent.com/fate0/prvd/master/artwork/sentry_detail.png) ### Installation [](#installation) 1. git clone to a non-web directory, assuming the directory is `/data/prvd` ``` git clone https://github.com/fate0/prvd.git /data/prvd ``` 2. composer ``` composer install ``` 3. install xmark extension - [install xmark](https://github.com/fate0/xmark) 4. edit php.ini - set `auto_prepend_file` to `/data/prvd/src/Entry.php` - set `extension` to `xmark.so` - for the rest of the configuration, please copy the contents of prvd.ini in this project ### Configuration [](#configuration) edit `/data/prvd/src/Config.php` ``` define("PRVD_FUZZER_DSN", ""); define("PRVD_SENTRY_DSN", ""); define("PRVD_TAINT_ENABLE", true); define("PRVD_TANZI", "xtanzi"); define("PRVD_LOG_FILE", "/data/prvd/prvd.log"); ``` Sign up for an account at or install sentry server by yourself ### DVWA [](#dvwa) You can use the docker to experience prvd ``` docker pull fate0/prvd-dvwa docker run -d -e "PRVD_SENTRY_DSN={YOUR_SENTRY_DSN}" -p 80:80 fate0/prvd-dvwa ``` The environment variables that can be set are - `PRVD_FUZZER_DSN` - `PRVD_SENTRY_DSN` - `PRVD_TAINT_ENABLE` - `PRVD_TANZI` More about `prvd-dvwa` can be seen [here](https://github.com/fate0/prvd/blob/master/dvwa/README.md) ### How it work [](#how-it-work) - [PHP Runtime Vulnerability Detection](http://blog.fatezero.org/2018/11/11/prvd/) ### Ref [](#ref) - [xmark](https://github.com/fate0/xmark) ### Health Score 26 — LowBetter than 43% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity24 Limited adoption so far Community19 Small or concentrated contributor base Maturity37 Early-stage or recently created project Bus Factor1 Top contributor holds 75% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://avatars.githubusercontent.com/u/6829628?v=4)[fate0](/maintainers/fate0)[@fate0](https://github.com/fate0) --- Top Contributors [![fate0](https://avatars.githubusercontent.com/u/6829628?v=4)](https://github.com/fate0 "fate0 (3 commits)")[![Lz1y](https://avatars.githubusercontent.com/u/23468993?v=4)](https://github.com/Lz1y "Lz1y (1 commits)") --- Tags php7 ### Embed Badge ![Health badge](/badges/fate0-prvd/health.svg) ``` [![Health](https://phpackages.com/badges/fate0-prvd/health.svg)](https://phpackages.com/packages/fate0-prvd) ``` ### Alternatives [defuse/php-encryption Secure PHP Encryption Library 3.9k162.4M214](/packages/defuse-php-encryption)[roave/security-advisories Prevents installation of composer packages with known security vulnerabilities: no API, simply require it 2.9k97.3M6.4k](/packages/roave-security-advisories)[mews/purifier Laravel 5/6/7/8/9/10 HtmlPurifier Package 2.0k16.7M113](/packages/mews-purifier)[robrichards/xmlseclibs A PHP library for XML Security 41278.1M118](/packages/robrichards-xmlseclibs)[bjeavons/zxcvbn-php Realistic password strength estimation PHP library based on Zxcvbn JS 86917.5M63](/packages/bjeavons-zxcvbn-php)[enlightn/security-checker A PHP dependency vulnerabilities scanner based on the Security Advisories Database. 33732.2M110](/packages/enlightn-security-checker) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)