Octopus WAF – Web Application Firewall Made In C Language And Use Libevent

OctopusWAF is a open resource World-wide-web software firewall, is manufactured in C language makes use of libevent to make several connections.

Very first phase

Instal lib-pcre, if you use RPM based mostly distros search pcre-devel bundle, in BSD dependent look for in ports or brew… Have to have libevent-dev, on RPM distros libevent-devel, Openssl-dev and openssl-devel.

To compile and operate OctopusWAF abide by this instructions:

$ git clone https://github.com/CoolerVoid/OctopusWAF
$ cd OctopusWAF make
$ bin/OctopusWAF

Case in point examined on DVWA on very simple HTTP channel

$ bin/OctopusWAF -h 127...1:2006 -r 127...1:80 -m horspool --debug

Open up your browser in http://127...1:2006

• Notes: Really don’t execute with “cd bin ./OctopusWAF” use entire route “bin/OctopusWAF”, simply because binary want load articles in config listing. Use HTTP only for WAF utilization, this edition .1 run TLS but really don’t have useful resource to load cert and read through TLS requests/responses, if you use TLS the provider can lost WAF purpose and operate like reverse proxy.

Analyzed on Linux but can operate in FreeBSD.

Code overview

-------------------------------------------------------------------------------
Language                     information          blank        comment           code
-------------------------------------------------------------------------------
C                               12            324            138            997
C/C++ Header                    11             63             70            212
make                             1              1                           30
Markdown                         1              6                            3
-------------------------------------------------------------------------------
SUM:                            25            394            208           1242
-------------------------------------------------------------------------------

TODO:

Source to load modsec procedures https://github.com/SpiderLabs/owasp-modsecurity-crs/

Insert guidelines to detect XSS

Insert rules to detect SQLi

Insert policies to detect RCE

Insert regulations to detect RFI/LFI

Insert guidelines to detect XXE

Insert guidelines to detect Anomalys…

Channel for TLS

Cert Load

Reference:

https://libevent.org/

https://owasp.org/www-community/Internet_Application_Firewall

Picture and Report Supply hyperlink

Go through More on Pentesting Instruments