blob: 3cdb90958bb4420ee0f6ffb40495ec813baa71a0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
|
Propaganda
==========
This pages lists various mentions, articles, usages and presentations about Snuffleupagus.
Talks
-----
2017
""""
- `BerlinSide0x08 <https://berlinsides.org/?page_id=2168>`_ - `slides <https://github.com/jvoisin/snuffleupagus/blob/master/slides/berlinsides_2017.pdf>`__
- `Hack.lu 2017 <https://2017.hack.lu/talks/>`_ - `slides <https://github.com/jvoisin/snuffleupagus/blob/master/slides/hacklu_2017.pdf>`__ - `video <https://www.youtube.com/watch?v=RzaRiuJ6MkI>`__
- `BlackAlps <https://blackalps.ch/2017program.php>`_ - `slides <https://github.com/jvoisin/snuffleupagus/blob/master/slides/blackalps_2017.pdf>`__ - `video <https://www.youtube.com/watch?v=2GeUnOzDGxc>`__
2018
""""
- `Pass the Salt <https://2018.pass-the-salt.org/schedule/#snuffleupagus>`_ - `slides <https://github.com/jvoisin/snuffleupagus/blob/master/slides/passthesalt_2018.pdf>`__ - `video <https://passthesalt.ubicast.tv/videos/snuffleupagus-killing-bug-classes-and-virtual-patching-the-rest/>`__
- `44con <https://44con.com/44con/44con-2018/44con-2018-talks/>`__ - `slides <https://github.com/jvoisin/snuffleupagus/blob/master/slides/44con_2018.pdf>`__
2020
""""
- `Modern PHP security - sec4dev 2020, Vienna - Synacktiv <https://www.synacktiv.com/ressources/modern_php_security_sec4dev.pdf>`__ - `sec4dev 2020 <https://sec4dev.io/2020>`__
Mentions
--------
2017
""""
- `Habr - PHP-Дайджест № 118 – свежие новости, материалы и инструменты <https://habr.com/en/company/zfort/blog/339630/>`__ (ru) - Habr
- `Intrinsec's blog - Hack.lu 2017 <https://securite.intrinsec.com/2017/10/20/hack-lu-2017/>`__ (fr) - Intrinsec's blog
- `Paragon Initiative Enterprises Blog - The 2018 Guide to Building Secure PHP Software <https://paragonie.com/blog/2017/12/2018-guide-building-secure-php-software>`__
2018
""""
- `Habr - PHP-Дайджест № 138 <https://habr.com/en/company/zfort/blog/422069/>`__ (ru) - Habr
- `PhpStorm's blog - PHP Annotated Monthly <https://blog.jetbrains.com/phpstorm/2018/08/php-annotated-monthly-august-2018/>`__ - PhpStorm's blog
- `PHP Weekly <http://www.phpweekly.com/archive/2018-02-08.html>`__
- `New variant in wp-gdpr-compliance vulnerability and fixing it with virtual
patching <https://medium.com/alertot/new-variant-in-wp-gdpr-compliance-vulnerability-and-fixing-it-with-virtual-patching-4b72d7496c1c>`__
- alertot
2019
""""
- `PhpStorm's blog - PHP Annotated <https://blog.jetbrains.com/phpstorm/2019/07/php-annotated-july-2019/>`__ - PhpStorm's blog
- `Habr - PHP-Дайджест № 160 <https://habr.com/ru/post/460022/>`__ (ru) - Habr
2020
""""
- `Modern PHP Security Part 2: Breaching and hardening the PHP engine <https://labs.detectify.com/2020/08/20/modern-php-security-part-2-breaching-and-hardening-the-php-engine/>`__ - Detectify's blog
2021
""""
- `Habr - PHP Дайджест № 196 <https://habr.com/ru/post/536726/>`__ (ru) - Habr
Articles
--------
2017
""""
- `Killing php bug classes at berlinsides <https://dustri.org/b/killing-php-bug-classes-at-berlinsides.html>`__ - dustri.org
- `Snuffleu…what? <https://fr33tux.org/post/snuffleupagus/>`__ - fr33tux.org
- `Behold the Snuffleupagus <https://memze.ro/posts/behold-the-snuffleupagus/>`__ - memze.ro
- `How to harden AdwCleaner’s web backend using PHP <https://blog.malwarebytes.com/security-world/technology/2017/12/harden-adwcleaner-php-web-backend/>`__ - Malwarebyte's blog
- `First release of Snuffleupagus <https://dustri.org/b/first-release-of-snuffleupagus.html>`__ - dustri.org
- `PHP Magazine <http://phpmagazine.net/2017/11/snuffleupagus-experimental-security-module-for-php7.html>`__ - phpmagazine.net
2018
""""
- `Snuffleupagus 0.3.0 - Dentalium elephantinum <https://dustri.org/b/snuffleupagus-030-dentalium-elephantinum.html>`__ - dustri.org
- `Snuffleupagus version 0.3.0 - Dentalium elephantinum <https://linuxfr.org/news/snuffleupagus-version-0-3-0-dentalium-elephantinum>`__ (fr) - LinuxFr
2019
""""
- `Проект Snuffleupagus развивает PHP-модуль для блокирования уязвимостей <https://www.opennet.ru/opennews/art.shtml?num=51031>`__ (ru) - opennet.ru
- `What the f*ck is a Snuffleupagus? <https://medium.com/@live_the_dream/what-the-f-ck-is-a-snuffleupagus-f838fb64f857>`__ - Living The Dream
- `Snuffleupagus: Open source security tool hardens PHP sites against cyber-attacks <https://portswigger.net/daily-swig/snuffleupagus-open-source-security-tool-hardens-php-sites-against-cyber-attacks>`__ - The Daily Swig
- `Snuffleupagus versus recent high-profile vulnerabilities <https://dustri.org/b/snuffleupagus-versus-recent-high-profile-vulnerabilities.html>`__ - dustri.org
2020
""""
- `Snuffleupagus, un excelente módulo para bloquear vulnerabilidades en aplicaciones PHP <https://www.linuxadictos.com/snuffleupagus-un-excelente-modulo-para-bloquear-vulnerabilidades-en-aplicaciones-php.html>`__ (es) - linuxadictos.com
- `Выпуск Snuffleupagus 0.5.1, модуля для блокирования уязвимостей в PHP-приложениях <https://www.opennet.ru/opennews/art.shtml?num=53211>`__ (ru) - opennet.ru
- `Snuffleupagus versus recent high-profile vulnerabilities, again! <https://dustri.org/b/snuffleupagus-versus-recent-high-profile-vulnerabilities-again.html>`__ - dustri.org
- `Snuffleupagus, módulo para bloquear vulnerabilidades en aplicaciones PHP <https://underc0de.org/foro/seguridad-en-servidores/snuffleupagus-modulo-para-bloquear-vulnerabilidades-en-aplicaciones-php/>`__ - (es) - underc0de.org
2021
""""
- `Sortie de Snuffleupagus 0.7.0 - Los Elefantes <https://linuxfr.org/news/sortie-de-snuffleupagus-0-7-0-los-elefantes>`__ (fr) - linuxfr
Papers
------
- `Sécurisez vos applications php avec Snuffleupagus <https://connect.ed-diamond.com/GNU-Linux-Magazine/GLMF-213/Securisez-vos-applications-PHP-avec-Snuffleupagus>`__ (fr) (paywall) - 2018-03-2018
Notable users
-------------
- `AdwCleaner <https://www.malwarebytes.com/adwcleaner/>`__'s backend- a notorious anti-pup
- `Alertot <https://www.alertot.com/>`__ - a Chilean continuous web security monitoring company
- `NBS System <https://www.nbs-system.com/>`__ - a French hosting/security company and author of snuffleupagus
- `Net4All <https://net4all.ch/>`__ - a Swiss hosting company
- `Oceanet Technology <https://www.oceanet-technology.com/>`__ - a French hosting company
- `SwissCenter <https://swisscenter.com>`__ - a Swiss datacenter & web hosting company
- `Toolslib <https://toolslib.net/>`__ - an `Alexa top 10k <https://www.alexa.com/siteinfo/toolslib.net>`__ website
- `cPanel <https://cpanel.net/>`__ - one of the most popular web hosting control panel
|
