Security

Tools:

• sqlmap - Automatic SQL injection and database takeover tool
• PHPGGC - PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.

Laravel Secutiry Checklist

1. Cross-Site Scripting (XSS)
2. SQL Injection (SQLi)
3. Cross-Site Request Forgery (CSRF)
4. Insecure Direct Object References (IDOR)
5. Type Juggling
6. Credential Stuffing
7. PHP Object Injection
8. Remote Code Execution (RCE)
9. Server-Side Request Forgery (SSRF)
10. Privilege Escalation

Resources

• Laravelnews - The Laravel Security Checklist