Categories: Kali Linux

Raptor WAF – Web application firewall using DFA

Raptor WAF is an open source web application firewall written in C. It uses a DFA (deterministic finite automaton) to block SQL injection, cross-site scripting and path traversal. It is widely used nowadays for the following:

  • Block XSS, SQL injection attacks and path traversal with Raptor.
  • Use a blacklist of IPs to block some users, configured in config/blacklist_ip.txt.
  • Use IPv6 and IPv4 for communications.
  • Planned for the future: DoS protection, request limiting, a rule interpreter and malware detection on uploads.
  • Planned for the future: SSL/TLS.
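
To illustrate the DFA approach to path traversal mentioned above, here is an added example (not Raptor's own code or rules): a small table-driven DFA in C that flags a ".." path segment after decoding one level of percent-encoding. The state names, function names and sample URIs are assumptions made for this illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>

enum { START, DOT1, DOT2, SEG, HIT, NSTATES };  /* DFA states */
enum { C_DOT, C_SEP, C_OTHER, NCLASSES };       /* input classes */

/* next_state[state][class]; columns are '.', separator, other. HIT absorbs. */
static const unsigned char next_state[NSTATES][NCLASSES] = {
    /* START */ { DOT1, START, SEG },
    /* DOT1  */ { DOT2, START, SEG },
    /* DOT2  */ { SEG,  HIT,   SEG },
    /* SEG   */ { SEG,  START, SEG },
    /* HIT   */ { HIT,  HIT,   HIT },
};

/* Return the next byte of the URI, decoding one level of %XX, and advance *p. */
static int next_byte(const char **p)
{
    const unsigned char *s = (const unsigned char *)*p;
    if (s[0] == '%' && isxdigit(s[1]) && isxdigit(s[2])) {
        char hex[3] = { (char)s[1], (char)s[2], '\0' };
        *p += 3;
        return (int)strtol(hex, NULL, 16);
    }
    *p += 1;
    return s[0];
}

/* Return 1 if the URI contains a ".." path segment, else 0. */
int has_dotdot_segment(const char *uri)
{
    int state = START;
    while (*uri != '\0' && state != HIT) {
        int c = next_byte(&uri);
        int cls = (c == '.') ? C_DOT : (c == '/' || c == '\\') ? C_SEP : C_OTHER;
        state = next_state[state][cls];
    }
    return state == HIT || state == DOT2;  /* DOT2 at end: URI ends in ".." */
}

int main(void)
{
    /* Constructed sample URIs, not taken from Raptor's rules or tests. */
    const char *samples[] = { "/index.php?id=1", "/a/../b", "/a/%2e%2e%2fb", "/v1...2/x" };
    for (size_t i = 0; i < sizeof samples / sizeof *samples; i++)
        printf("%-18s %s\n", samples[i], has_dotdot_segment(samples[i]) ? "block" : "pass");
    return 0;
}
```

Because the automaton reads each byte once and keeps only a single state, the cost per request is linear in the URI length regardless of how the input is crafted. Only one level of percent-encoding is decoded here, so double-encoded input needs a further decoding pass before matching.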


Compile Raptor WAF

$ git clone https://github.com/CoolerVoid/raptor_waf
$ cd raptor_waf; make; bin/raptor

Note: Don’t execute it with “cd bin; ./raptor”; use the full path “bin/raptor”. The PCRE library is needed to compile.

Example

Bring up an HTTP server on port 80, then use Raptor to redirect port 8883 to it:

$ bin/raptor -h localhost -p 80 -r 8883 -w 4 -o loglog.txt

Copy the vulnerable PHP test code to your web server directory:

$ cp doc/test_dfa/test.php /var/www/html

Now you can test XSS attacks at http://localhost:8883/test.php

Another way to run it, this time with regex matching (edit the rules in config/regex_rules.txt):

$ bin/raptor -h 127.0.0.1 -p 80 -r 8883 -w 0 -o resultwaf -m pcre

R K
