Skip to content
/ ModWAF Public

[WIP] Web Application Firewall Module for NProxy that prevents common XSS, SQLi, LFi and RCE exploit attacks.

2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

nfense/ModWAF

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
assets
assets
 
 
src
src
 
 
.gitignore
.gitignore
 
 
ModWAF.csproj
ModWAF.csproj
 
 
README.md
README.md
 
 

Repository files navigation

ModWAF

Web Application Firewall Module for NProxy that prevents common XSS, SQLi, LFi and RCE exploit attacks

⚠️ Disclaimer

This project is still in development and is not ready for production use. This is not optimized and may be unstable. Use only in development or test environments.

🛡️ About

ModWAF is an NProxy module which implements a WAF (Web Application Firewall) focused on mitigating common attack patterns of XSS, SQLi, RCE and LFI.

ToDo

Hooks

  • Cookies.
  • Request Body.
  • URL Path.
  • URL Query.

Input Pattern Based Modules

  • Regex base Detection.
  • XSS Detection.
  • SQL Injection Detection.
  • Remote Code Execution Detection.
  • Local File Inclusion Detection.

Header Based Modules

  • CSP Header.
  • CORS Header.
  • X-Frame-Options Header.
  • X-XSS-Protection Header.
  • HSTS Header.
  • X-Content-Type-Options Header.
  • X-DNS-Prefetch-Control Header.
  • Referrer-Policy Header.
  • X-Permitted-Cross-Domain-Policies Header.
  • Expect-CT Header.

Misc Modules

  • Hide Server Branding.

About

[WIP] Web Application Firewall Module for NProxy that prevents common XSS, SQLi, LFi and RCE exploit attacks.

Topics

http security protection module firewall waf xss rce lfi sqlinjection nproxy

Resources

Readme
Activity
Custom properties

Stars

2 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages