umarfarook882/CWAF-rules-1.129

Stars
5
Rank 2,854,943 (Top 57 %)
Language
License
Apache License 2.0
Created over 7 years ago
Updated almost 7 years ago

umarfarook882/CWAF-rules-1.129

umarfarook882

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

CWAF Ruleset

Blog-Views-Bot

To increase blog user view traffic on website.

CVE-2019-0708

CVE-2019-0708 - BlueKeep (RDP)

PyNessus_Generate_Activation_Code

Generate Multiple Nessus Activation Code using Temp Mail Service.

Windows-InstallerBypass

Windows Installer Bypass using Rollback Script .rbs and .rbf - Race Condition

Win-LocalPriv-Escalation-polarbear

Windows Local Privilege Escalation - 0 Day Vulnerability (schtasks.exe) released by @SandboxEscaper :)

Tornado_Demo_Vuln_App

Tornado Demo Vulnerable Application to test SQL injection vulnerability and patch it using RASP (Runtime Application Self-Protection)

FOS_Demo_Vulnerable_App

[FOS:RASP-PHP] PHP Demo Vulnerable Application to test SQL injection vulnerability and patch it using RASP (Runtime Application Self-Protection)

Modsecurity-WAF-Dashboard

My Research project about integrating Modsecurity log with ELK-Stack (Elastic Search, Logstash, and Kibana ) as Web Dashboard i.e GUI for analysing the log and manage them as statistical graph based on the real time attacks.

drakvuf_console_beta

Automate Malware Analysis using Drakvuf and Extract IOC from drakvuf log using Drakvuf Console (Log Analysis Toolkit) build on electronjs

WAF-Rule-Testing-File-upload

Testing Unrestricted File upload vulnerability on xvwa application with OWASP CRS && CWAF Ruleset.

Avast_Multiple_Vulnerability_Disclosure

Avast Multiple Vulnerability in RPC Service

WP-Statistics-Plugin-SQL-Injection-Vulnerability

WP Statistics Plugin < 12.0.8 SQL Injection Vulnerability Analysis

fos.github.io

It's about current trends in Information Security field i.e Web App | Network | Mobile Pentesting, RASP (Run Time Application Self Protection) Security | WAF implementation and WAF rule writing.

WAF-Rule-Testing

Testing OS command injection attack on vulnerable application with OWASP CRS && CWAF Ruleset.

WAF-Rule-Writing-part-3

WAF rule to prevent 0-day Vulnerability in Wordpress <= 4.7.4 (Unauthorized Password Reset Vulnerability)

WAF-Rule-Testing-LFI-attack

Testing Local File Inclusion (LFI) attack on vulnerable application with OWASP CRS && CWAF Ruleset.

Books

Free Online Book

WAF-Rule-Writing-part-2

Writing custom rules to fix OWASP CRS 3 and Comodo WAF ruleset

Pyburp-rest-api

Python Library for Burp Rest API (https://github.com/vmware/burp-rest-api)

WAF-Rule-Writing

Writing custom WAF rules to prevent web application from new 0-day attacks.