
Web Application Firewall (WAF) testing Framework



Dear Information Security Heroes, I plan to share some tools that really help while implementing a WAF.

Sometime after the installation is complete, the customer will ask: "I did not see any attacks, is your WAF working fine?"

So, to avoid this kind of question, use one of the tools below. They let you evaluate the security efficacy of your web application security solution. Unlike other application scanners, which only check for vulnerabilities, such a tool generates both legitimate traffic and attack traffic to determine whether your security solution stops attacks without blocking valid requests.


Only the top tools are covered here.

LightBulb Framework

The framework consists of two main algorithms.

GOFA: an active learning algorithm that infers symbolic representations of automata in the standard membership/equivalence query model. Active learning algorithms permit the analysis of filter and sanitizer programs remotely, i.e. given only the ability to query the targeted program and observe the output.

SFADiff: a black-box differential testing algorithm based on Symbolic Finite Automata (SFA) learning. Finding differences between programs with similar functionality is an important security problem, as such differences can be used for fingerprinting or for creating evasion attacks against security software such as Web Application Firewalls (WAFs), which are designed to detect malicious inputs to web applications.




Imperva's WAF Testing Framework

This one comes from a reputed OEM, which is the leader in Gartner's WAF report.

The WAF Testing Framework is licensed under the terms of the Affero General Public License version 3.

Link: https://www.imperva.com/lg/lgw_trial.asp?pid=483


Microsoft's WAF Bench (WB) Tool Suites



The WAF (Web Application Firewall) Bench tool suites are designed to verify the correctness and measure the performance of a WAF.

Automatic WAF correctness testing can relieve developers from heavy and tedious verification work. There are two important factors in conducting WAF correctness testing: the testing framework and the test cases.

It is a heavy tool and needs more dependencies compared with the tools mentioned above.
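As an added example (not code from this post or from any of the tools it names), here is a minimal scoring harness that works the way the post describes: it replays a corpus of legitimate and attack-shaped requests whose expected verdict is known and reports detection rate and false-positive rate separately, so a WAF that blocks valid requests shows up in the numbers. The WAF under test is passed in as a callable; the naive substring mock and the request corpus are constructed for this example, and a real run would replace the mock with a function that sends each path to the WAF and returns whether it was blocked.

```python
from dataclasses import dataclass
from typing import Callable, List, Tuple
Case = Tuple[str, str, bool]  # (name, request path with query string, is_attack)

@dataclass
class Report:
    blocked_attacks: int = 0  # true positives
    missed_attacks: int = 0   # false negatives
    blocked_legit: int = 0    # false positives: valid traffic blocked
    passed_legit: int = 0     # true negatives

    def detection_rate(self) -> float:
        n = self.blocked_attacks + self.missed_attacks
        return self.blocked_attacks / n if n else 0.0

    def false_positive_rate(self) -> float:
        n = self.blocked_legit + self.passed_legit
        return self.blocked_legit / n if n else 0.0

def run_suite(cases: List[Case], waf: Callable[[str], bool]) -> Report:
    """Replay every case; waf(path) returns True when the request is blocked."""
    rep = Report()
    for _name, path, is_attack in cases:
        blocked = waf(path)
        if is_attack and blocked:
            rep.blocked_attacks += 1
        elif is_attack:
            rep.missed_attacks += 1
        elif blocked:
            rep.blocked_legit += 1   # the outcome the post warns about
        else:
            rep.passed_legit += 1
    return rep

# Constructed mock WAF: a naive substring rule.  Its weakness is the point:
# "reunion" and "description" contain the blocked tokens, so valid traffic dies.
NAIVE_TOKENS = ("union", "script")

def naive_waf(path: str) -> bool:
    return any(tok in path.lower() for tok in NAIVE_TOKENS)

# Constructed corpus: two attack-shaped requests and four legitimate ones.
CORPUS: List[Case] = [
    ("sqli probe", "/items?id=1 UNION SELECT 1,2", True),
    ("xss probe", "/page?name=<script>alert(1)</script>", True),
    ("search reunion", "/search?q=class reunion", False),
    ("sort by description", "/products?sort=description", False),
    ("login page", "/login", False),
    ("about page", "/about", False),
]
```

Running `run_suite(CORPUS, naive_waf)` gives 100% detection but a 50% false-positive rate, which is exactly the case a scanner that only sends attacks would never reveal.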



