ModSecurity Framework FTW

Pen Testing Tools / By

August 28, 2021

ModSecurity Framework FTW

The ModSecurity Framework FTW project was launched by researchers from ModSecurity and Fastly to provide rigorous testing of WAF rules. It uses OWASP Core Ruleset V3 as a basis for testing rules on a WAF.

Each rule in the rule set is loaded into a YAML file that issues HTTP requests that trigger those rules.

Users can check the execution of the rule after the tests are issued to ensure that the expected response is received by an attack.

Installation ModSecurity Framework FTW

git clone https://github.com/CRS-support/ftw.git

cd ftw

virtualenv env && source ./env/bin/activate

  • pip install -r requirements.txt
  • py.test -s -v test/test_default.py –ruledir=test/yaml

ModSecurity Framework FTW link Github

WAScan – Web Application Scanner

Install Varnish cache HTTP CentOS 7

Janusec Application Gateway

Article posted by: https://hackingresources.com/modsecurity-framework-ftw/
——————————————————————————————————————–
Infocerts, 5B 306 Riverside Greens, Panvel, Raigad 410206 Maharashtra, India
Contact us – https://www.infocerts.com

Open Whatsapp chat
Whatsapp Us
Chat with us for faster replies.