Home Security Raptor WAF – C Based Web Application Firewall

Raptor WAF – C Based Web Application Firewall

by admin
Raptor WAF - C Based Web Application Firewall

Raptor is a C based open source web application firewall that uses DFA (Deterministic Finite Automata) to block SQL Injection, Cross Site Scripting (XSS) and Path Traversal. It allows you to block some users with the blacklist of IPs (config/blacklist_ip.txt).

Raptor WAF Screenshot 1

Usage:

$ git clone https://github.com/CoolerVoid/raptor_waf
$ cd raptor_waf; make; bin/raptor

Note: Don’t execute with “cd bin; ./raptor” use full path “bin/raptor”.

Remember: It needs lib pcre to compile.

Examples:

Up some HTTPd server at port 80 redirect with raptor to port 8883:

$ bin/Raptor -h localhost -p 80 -r 8883 -w 4 -o loglog.txt

Copy vulnerable PHP code to your web server directory:

$ cp doc/test_dfa/test.php /var/www/html

Now you can test xss attacks at http://localhost:8883/test.php

Other option to run(now with regex, look file config/regex_rules.txt to edit rules):

$ bin/Raptor -h 127.0.0.1 -p 80 -r 8883 -w 0 -o resultwaf -m pcre

Raptor WAF Screenshot 2




Source link

Related Articles

Leave a Comment