-
would be great to have a way to setup traffic logs destination to be cloudwatch or kinesis as currently only s3 destination is supported, it is okay but is not always the intended source specially for…
-
## Assignment
1. Use the below response to an Upwork invite to inspire and refine a product or pitch for security services.
2. The deliverable should be at the very least an article on the topic writ…
-
WhatWaf version: `2.0.3`
Running context: `whatwaf -W -u *************************************************************** --threads 5 --tor --check-tor`
Fingerprint:
```
The specified URL canno…
ghost updated
3 years ago
-
Would like this to be a environment variable we can set:
https://github.com/SpiderLabs/ModSecurity-nginx/blob/master/src/ngx_http_modsecurity_log.c#L33
```
ngx_log_error(NGX_LOG_INFO, (ngx_log_…
-
### What is the feature?
The feature sets a flag to skip continuously getting the same size of response and exclude specific paths during recursive scans.
### What is the use case?
This featu…
-
**Expected**:
pk_ref will never be set with "" property.
**Actual**:
pk_ref is sometimes set with: ["", "", 1234567890, "https://www.example.com/"].
**Why this is a problem**:
Security softwa…
-
For http post data, the ability of WAF has been enhanced
1. If it is not Chunked or Multipart at present, perform Chunked and Multipart obfuscation encoding.
2. It is already Chunked, perform Transf…
-
### Is your feature request related to a problem? Please describe.
As part of our F5 Onboarding Process we need to set some ASM Settings (below) that are non existing on AS3 nor DO
- Anti-Virus …
-
I want to deploy this model to my Java web project to detect web attack. I don't not the method Java can load the model. If I done, can this model detect the web attack of my website, shold I retrain …
-
- Add more tamper scripts (e.g. ability to test for addslahes bypasses using big5 or GBK characters).
- Suggest tamper scripts in due course following fingerprint of technology, back-end DBMS, etc.
…