Any tier · 143 specialized tests

Laravel/PHP Security

Framework-specific security testing for Laravel applications

What Gets Tested

APP_DEBUG=true detection (stack trace exposure)
.env file exposure (credentials, API keys)
Laravel Telescope dashboard access
Laravel Horizon dashboard access
Laravel Nova admin panel detection
Ignition error page RCE (CVE-2021-3129)
Debug Bar in production detection
Storage logs exposure (laravel.log)
Artisan command exposure
composer.json / composer.lock information disclosure
Session cookie configuration (laravel_session)
XSRF-TOKEN cookie analysis
CSRF meta tag verification
API route discovery (/api/v1, /api/user)
Redis port exposure check (6379)
Queue worker exposure (Horizon API stats)
Nuclei Laravel-specific CVE templates

How It Works

1. Framework Detection

Identify Laravel version via response headers, cookies (laravel_session, XSRF-TOKEN), and known paths.

2. Debug & Exposure

Check for APP_DEBUG=true, .env files, Ignition health-check, Debug Bar, and storage logs.

3. Admin Panels

Test access to the Telescope, Horizon, and Nova dashboards. These should require authentication in production.

4. Infrastructure

Check Redis exposure, queue worker endpoints, and Composer dependency information disclosure.

Compliance Coverage

OWASP-A02 (Cryptographic Failures)
OWASP-A03 (Injection)
OWASP-A05 (Misconfiguration)

Pricing

€89 · Any tier · One-time per scan

143 specialized tests + AI-powered analysis
