Raptor WAF - C Based Web Application Firewall

Raptor WAF - C Based Web Application Firewall

Raptor is a C based open source web application firewall that uses DFA (Deterministic Finite Automata) to block SQL Injection, Cross Site Scripting (XSS) and Path Traversal. It allows you to block some users with the blacklist of IPs (config/blacklist_ip.txt).

Raptor WAF Screenshot 1


$ git clone https://github.com/CoolerVoid/raptor_waf
$ cd raptor_waf; make; bin/raptor
Note: Don't execute with "cd bin; ./raptor" use full path "bin/raptor".

Remember: It needs lib pcre to compile.


Up some HTTPd server at port 80 redirect with raptor to port 8883:
$ bin/Raptor -h localhost -p 80 -r 8883 -w 4 -o loglog.txt
Copy vulnerable PHP code to your web server directory:
$ cp doc/test_dfa/test.php /var/www/html
Now you can test xss attacks at http://localhost:8883/test.php

Other option to run(now with regex, look file config/regex_rules.txt to edit rules):
$ bin/Raptor -h -p 80 -r 8883 -w 0 -o resultwaf -m pcre

Raptor WAF Screenshot 2

No comments

Powered by Blogger.