Built this after running a SaaS with zero visibility into who was probing it.
One middleware, drop it in, and it starts logging SQL injection, XSS, RCE, directory traversal, scanner bots (sqlmap, nikto, burp suite), DDoS patterns, Log4Shell — 130+ patterns total.
It never blocks anything. Purely passive — every request goes through normally. So no risk of breaking your app.
Two things I'm most proud of:
- Evasion resistance: payloads are normalized before matching so UNION/*/SELECT and double URL encoding (%2527) don't slip through
- Confidence scoring (0–100) per threat based on match count, context, and user-agent signals
Also ships with a dark-mode dashboard, Slack alerts, and 15 REST API endpoints.
composer require jayanta/laravel-threat-detection
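
The normalize-before-match step and the 0–100 confidence score described above, as an added PHP example. It is not the package's own code: the function names, the three patterns, the score weights and the sample requests are all assumptions made for illustration.

```php
<?php
// Added illustration; not code from jayanta/laravel-threat-detection.
// Function names, patterns and score weights are assumptions.

/** Undo layered URL encoding and SQL comments so obfuscated input matches plain patterns. */
function normalize_payload(string $raw, int $maxRounds = 3): string
{
    $s = $raw;
    for ($i = 0; $i < $maxRounds; $i++) {           // bounded loop: %2527 -> %27 -> '
        $decoded = urldecode($s);
        if ($decoded === $s) {
            break;                                  // nothing left to decode
        }
        $s = $decoded;
    }
    $s = preg_replace('~/\*.*?\*/~s', ' ', $s) ?? $s; // inline /* */ comments become a space
    $s = preg_replace('/\s+/', ' ', $s) ?? $s;        // collapse whitespace runs
    return strtolower(trim($s));
}

/** Passive check: returns matched pattern names and a 0-100 confidence, never blocks. */
function score_request(string $input, string $userAgent): array
{
    $patterns = [                                   // constructed sample signatures
        'sqli_union'     => '/\bunion\b.{0,20}\bselect\b/',
        'sqli_tautology' => '/\x27\s*(or|and)\s+\d+\s*=\s*\d+/',
        'path_traversal' => '~\.\./~',
    ];
    $normalized = normalize_payload($input);
    $hits = [];
    foreach ($patterns as $name => $regex) {
        if (preg_match($regex, $normalized) === 1) {
            $hits[] = $name;
        }
    }
    $score = 0;
    if ($hits !== []) {
        $score = 40 + 20 * (count($hits) - 1);      // more matches, more confidence
        if (preg_match('/sqlmap|nikto/i', $userAgent) === 1) {
            $score += 30;                           // scanner user-agent signal
        }
    }
    return ['hits' => $hits, 'confidence' => min(100, $score)];
}

// Constructed sample requests: [input, user-agent].
foreach ([['id=1 UNION/**/SELECT password FROM users', 'sqlmap/1.7'],
          ['name=%2527%20OR%201%3D1', 'Mozilla/5.0'],
          ['q=laravel+union+rules', 'Mozilla/5.0']] as [$in, $ua]) {
    $r = score_request($in, $ua);
    printf("%-45s %3d  %s\n", $in, $r['confidence'], implode(',', $r['hits']));
}
```

The decode loop is capped so a deeply nested encoding cannot turn the logger itself into a CPU sink; the third sample shows a benign query containing "union" scoring 0.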