-
**Is your feature request related to a problem? Please describe.**
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
false detection simple xss
in this…
-
The feature, using ad-blocker component to generate fingerprint, is a fantastic idea.
https://fingerprintjs.com/blog/ad-blocker-fingerprinting/
But some web security detectors treat ad-blocker fi…
-
# :star: Challenge idea
### Description
Complete Blog post:
https://blog.shoebpatel.com/2021/01/23/The-Secret-Parameter-LFR-and-Potential-RCE-in-NodeJS-Apps/
### Underlying vulnerability…
-
"metascraper": "^5.10.6",
"metascraper-author": "^5.10.6",
"metascraper-clearbit": "^5.10.6",
"metascraper-date": "^5.10.6",
"metascraper-description": "^5.10.6",
"metascraper…
-
Running the following command on a FreeBSD machine results in a redirect to DeniedURL without rules enabled:
```bash
curl localhost:8080 -v
```
configuration (I am currently working on this te…
-
### Description
```
Message: Warning. detected XSS using libinjection. [file "/usr/local/etc/apache24/Includes/mod_security/crs/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf"] [l
ine "56"] [id "9…
-
I'm trying to optimize our build time by cache TypeScript build cache and Webpack build cache. Things work well,
TypeScript build time 1m35 => 16s, Webpack build 5m52s => 2m22s
But the total tim…
-
I'm currently setting up a ModSecurity WAF for my friendica node. While in detection only mode I found ModSecurity complaining about a php stacktrace in the home page and a few other places.
It's…
-
### Exposition
Hello! I'm trying to use this excellent (and thorough!) provider to configure my Keycloak provider at home, and I'm encountering the following issue while attempting to create my fir…
-
### Description
Generated some 8MB files (by pulling from /dev/urandom) and uploaded them to my server to see if modsecurity is going to be a problem
certain files will consistently trigger MULT…