LinuxTools Hacking

ModSecurity Framework FTW

FTW  project was created by researchers from ModSecurity and Fastly to help provide rigorous tests for WAF rules. It uses the OWASP Core Ruleset V3 as a baseline to test rules on a WAF.

Each rule from the ruleset is loaded into a YAML file that issues HTTP requests that will trigger these rules. 

Users can verify the execution of the rule after the tests are issued to make sure the expected response is received from an attack.

Installation ModSecurity Framework FTW

git clone https://github.com/CRS-support/ftw.git

cd ftw

virtualenv env && source ./env/bin/activate

  • pip install -r requirements.txt
  • py.test -s -v test/test_default.py –ruledir=test/yaml

ModSecurity Framework FTW link Github

WAScan – Web Application Scanner

Install Varnish cache HTTP CentOS 7

Janusec Application Gateway

Tags

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Close