raptor_waf
Raptor is a web application firewall written in C. It uses a DFA to block SQL injection, cross-site scripting and path traversal.
Features:
* You can block XSS, SQL injection and path traversal attacks with Raptor.
* You can block some users by listing their IPs in the blacklist at config/blacklist_ip.txt.
* You can use IPv6 and IPv4 for communications.
* In the future: DoS protection, request limiting, a rule interpreter and malware detection for uploads.
* In the future: SSL/TLS.
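To illustrate the DFA approach named in the description above, here is an added example (not Raptor's own code) of a table-driven DFA in C that flags a `..` path segment in a request path or parameter value. The state names, the function `has_dotdot_segment` and the sample inputs are assumptions made for this illustration, and the input is assumed to be percent-decoded already.

```c
#include <stdio.h>

/* DFA states: position inside the current path segment. */
enum { SEG_START, DOT1, DOT2, NAME, HIT, NSTATES };
/* Input classes: every byte maps to one of three symbols. */
enum { C_DOT, C_SEP, C_OTHER, NCLASSES };

/* Transition table: next_state[current state][input class]. */
static const unsigned char next_state[NSTATES][NCLASSES] = {
    /*              '.'   '/' or '\\'  other */
    [SEG_START] = { DOT1, SEG_START,   NAME },
    [DOT1]      = { DOT2, SEG_START,   NAME },
    [DOT2]      = { NAME, HIT,         NAME }, /* "..." is a plain name */
    [NAME]      = { NAME, SEG_START,   NAME },
    [HIT]       = { HIT,  HIT,         HIT  }, /* absorbing accept state */
};

static int classify(unsigned char c)
{
    if (c == '.')
        return C_DOT;
    if (c == '/' || c == '\\')
        return C_SEP;
    return C_OTHER;
}

/* Returns 1 if s contains a segment that is exactly "..", else 0.
 * One table lookup per byte, no backtracking. */
int has_dotdot_segment(const char *s)
{
    int st = SEG_START;
    for (; *s != '\0' && st != HIT; s++)
        st = next_state[st][classify((unsigned char)*s)];
    return st == HIT || st == DOT2; /* DOT2 at end: input ends in ".." */
}

int main(void)
{
    /* Constructed sample inputs, assumed already percent-decoded. */
    const char *samples[] = {
        "/index.php", "/img/../../etc/passwd", "/files/report..pdf",
        "/a/.../b", "/download/..", "..\\windows\\win.ini",
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-26s %s\n", samples[i],
               has_dotdot_segment(samples[i]) ? "BLOCK" : "pass");
    return 0;
}
```

Decoding has to happen before matching: fed the raw bytes `%2e%2e%2f`, this DFA sees only ordinary name characters and passes the request.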
Why use the C language:
* C takes longer to write and debug, but no pain, no gain: it has fast performance. In addition, C runs on any architecture, such as MIPS, ARM and others… Another benefit of C is that it gives good, fine-grained control for writing optimizations; if you want to write some lines in assembly with AES-NI or SIMD instructions, I think it is a good choice.
* Why not use OOP? In this project I follow the ”KISS” principle: http://pt.wikipedia.org/wiki/Keep It Simple.
* The C language has a lot of old-school dudes, like kernel hackers…
How it works:
To run:
Start an HTTP server on port 80
$ bin/Raptor -h localhost -p 80 -r 8883 -w 4 -o loglog.txt
Copy vulnerable PHP code to your web server directory
$ cp doc/test_dfa/test.php /var/www/html
Now you can test XSS attacks at http://localhost:8883/test.php