Web Hack And More 2020 Topic
> OpenWAF is the first fully open source Web application protection system (WAF), based on nginx_lua API analysis of HTTP request information. OpenWAF is composed of two functional engines: behavior analysis engine and rule engine. The rule engine mainly analyzes the individual requests, and the behavior analysis engine is mainly responsible for the tracking of the request information.
> Rule engine inspired by modsecurity and freewaf(lua-resty-waf), the ModSecurity rules will be implemented using lua. The rule engine can be based on the protocol specification, automatic tools, injection attacks, cross site attacks, information leaks and other security exception request, adding support for dynamic rules, timely repair vulnerabilities.
πΈπ½π
π
π°π»π»πΈπ
π°π
πΈπΎπ½ & π
π
π½ :
1) git clone https://github.com/titansec/OpenWAF#bugs-and-patches.git
2) cd /opt
3) apt-get install gcc wget git swig make perl build-essential zlib1g-dev libgeoip-dev libncurses5-dev libreadline-dev -y
4) wget http://www.over-yonder.net/~fullermd/projects/libcidr/libcidr-1.2.3.tar.xz
5) wget https://ftp.pcre.org/pub/pcre/pcre-8.43.tar.gz
6) wget https://www.openssl.org/source/openssl-1.1.1d.tar.gz
7) wget https://openresty.org/download/openresty-1.15.8.2.tar.gz
8) tar -xvf libcidr-1.2.3.tar.xz
9) tar -zxvf pcre-8.43.tar.gz
10) tar -zxvf openssl-1.1.1d.tar.gz
11) tar -zxvf openresty-1.15.8.2.tar.gz
12) rm -rf pcre-8.43.tar.gz \
13) openssl-1.1.1d.tar.gz \
14) openresty-1.15.8.2.tar.gz
15) cd /opt/libcidr-1.2.3
16) make && make install
BY ANONYMOUS BLACK SEC....
