An Introduction To Web Application Security Systems

In the world of web application security systems, there exists a myriad of systems to protect public-facing services in any number of ways. They come packed with all the elements necessary to play an action-packed round of buzzword bingo, but they often overlap in ways that can make them seem similar. After the second […]

Read the full post at darknet.org.uk

WAFW00F – Fingerprint & Identify Web Application Firewall (WAF) Products

WAFW00F is a Python tool to help you fingerprint and identify Web Application Firewall (WAF) products. It is an active reconnaissance tool, as it actually connects to the web server, but it starts out with a normal HTTP response and escalates as necessary. You can override or include your own headers; it has SOCKS and […]


NAXSI – Open-Source WAF For Nginx

NAXSI is an open-source WAF (Web Application Firewall) for Nginx which by default can block 99% of known patterns involved in website vulnerabilities. NAXSI means Nginx Anti XSS & SQL Injection. Technically, it is a third-party Nginx module, available as a package for many UNIX-like platforms. This module, by default, reads a small subset…
