LightBulb Framework is an open source python framework for auditing web application firewalls and filters.
The framework consists of two main algorithms:
Active learning algorithms permits the analysis of filter and sanitizer programs remotely, i.e. given only the ability to query the targeted program and observe the output.
Finding differences between programs with similar functionality is an important security problem as such differences can be used for fingerprinting or creating evasion attacks against security software like Web Application Firewalls (WAFs) which are designed to detect malicious inputs to web applications.
Also ReadKBD-Audio : Tools For Capturing & Analysing Keyboard Input Paired With Microphone Capture
| Command | Description |
|---|---|
| core | Shows available core modules |
| utils | Shows available query handlers |
| info <module> | Prints module information |
| library | Enters library |
| modules | Shows available application modules |
| use <module> | Enters module |
| start <moduleA> <moduleB> | Initiate algorithm |
| help | Prints help |
| status | Checks and installs required packages |
| complete | Prints bash completion command |
| Command | Description |
|---|---|
| back | Go back to main menu |
| info | Prints current module information |
| library | Enters library |
| options | Shows available options |
| define <option> <value> | Set an option value |
| start | Initiate algoritm |
| complete | Prints bash completion command |
| Command | Description |
|---|---|
| back | Go back to main menu |
| info <folder\module> | Prints requested module information (folder must be located in lightbulb/data/) |
| cat <folder\module> | Prints requested module (folder must be located in lightbulb/data/) |
| modules <folder> | Shows available library modules in the requested folder (folder must be located in lightbulb/data/) |
| search <keywords> | Searches available library modules using comma separated keywords |
| complete | Prints bash completion command |
First you have to verify that your system supports flex, python dev, pip and build utilities:
For apt platforms (ubuntu, debian…):
sudo apt-get install flex
sudo apt-get install python-pip
sudo apt-get install python-dev
sudo apt-get install build-essential (Optional for apt) If you want to add support for MySQL testing:
sudo apt-get install libmysqlclient-dev For yum platforms (centos, redhat, fedora…) with already installed the extra packages repo (epel-release):
sudo yum install -y python-pip
sudo yum install -y python-devel
sudo yum install -y wget
sudo yum groupinstall -y 'Development Tools' (Optional for yum) If you want to add support for MySQL testing:
sudo yum install -y mysql-devel
sudo yum install -y MySQL-python In order to use the application without complete package installation:
git clone https://github.com/lightbulb-framework/lightbulb-framework
cd lightbulb-framework
make
lightbulb status In order to perform complete package installation. You can also install it from pip repository. This requires first to install the latest setuptools version:
pip install setuptools --upgrade
pip install lightbulb-framework
lightbulb status If you want to use virtualenv:
pip install virtualenv
virtualenv env
source env/bin/activate
pip install lightbulb-framework
lightbulb status The “lightbulb status” command will guide you to install MySQLdb and OpenFst support. If you use virtualenv in linux, the “sudo” command will be required only for the installation of libmysqlclient-dev package.
It should be noted that the “lightbulb status” command is not necessary if you are going to use the Burp Extension.
The reason is that this command installs the “openfst” and “mysql” bindings and the extension by default is using Jython, which does not support C bindings.
It is recommended to use the command only if you want to change the Burp extension configuration from the settings and enable the native support.
It is also possible to use a docker instance:
docker pull lightbulb/lightbulb-framework If you wish to use the new GUI, you can use the extension for the Burp Suite. First you have to setup a working environment with Burp Proxy and Jython
You can ignore this step, and install the standalone version which contains all the required python packages included. You can download it here
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.
shadow-rs is a Windows kernel rootkit written in Rust, demonstrating advanced techniques for kernel manipulation…
Extract and execute a PE embedded within a PNG file using an LNK file. The…
Embark on the journey of becoming a certified Red Team professional with our definitive guide.…
This repository contains proof of concept exploits for CVE-2024-5836 and CVE-2024-6778, which are vulnerabilities within…
This took me like 4 days (+2 days for an update), but I got it…
MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection. Its foundation is…