August 28, 2021

ModSecurity Framework FTW

The ModSecurity Framework FTW project was launched by researchers from ModSecurity and Fastly to provide rigorous testing of WAF rules. It uses OWASP Core Ruleset V3 as a basis for testing rules on a WAF.

Each rule in the rule set is loaded into a YAML file that issues HTTP requests that trigger those rules.

Users can check the execution of the rule after the tests are issued to ensure that the expected response is received by an attack.

Installation ModSecurity Framework FTW

git clone https://github.com/CRS-support/ftw.git

cd ftw

virtualenv env && source ./env/bin/activate

pip install -r requirements.txt

py.test -s -v test/test_default.py –ruledir=test/yaml

ModSecurity Framework FTW link Github

WAScan – Web Application Scanner

Install Varnish cache HTTP CentOS 7

Janusec Application Gateway

Article posted by: https://hackingresources.com/modsecurity-framework-ftw/
——————————————————————————————————————–
Infocerts, 5B 306 Riverside Greens, Panvel, Raigad 410206 Maharashtra, India
Contact us – https://www.infocerts.com

Upcoming Training :- ISO27001 LA T. D.:-Coming soon.. ISO42001 LI T. D.:-16th,17th Nov 2024.