Skip to content

sjqzhang/WAFTest

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

39 Commits

modsec_lua

modsec_lua

 
 

t

t

 
 

vulCode

vulCode

 
 

HTTP.pl

HTTP.pl

 
 

HTTPFromFile.pl

HTTPFromFile.pl

 
 

README.md

README.md

 
 

requirePackage.txt

requirePackage.txt

 
 

xss.t

xss.t

 
 

Repository files navigation

WAF Test Project

  1. HTTP packet tool - HTTP.pl Usage http://danqingdani.blog.163.com/blog/static/18609419520144202591392/

  2. HTTP packet tool - HTTPFromFile.pl read HTTP Request from file and send it

For example: send a xss request to test if the WAF can block

I: construct request package content

echo -ne 'GET /?a=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1\r\nHost: www.tanjiti.com\r\nUserAgent: curl 0.9\r\n' >xss.t

II: send xss request use HTTPFromFile.pl

perl HTTPFromFile.pl -code 403 -host www.tanjiti.com -port 80 -file xss.t

WAF Evauation Method detail http://danqingdani.blog.163.com/blog/static/1860941952014101462723470/

About

WAF测试工具

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Perl 81.1%
  • Lua 12.5%
  • PHP 4.3%
  • Other 2.1%