Skip to content

vandyvilla/PyProfiler

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
README.md
README.md
 
 
configuration.py
configuration.py
 
 
log_parser.py
log_parser.py
 
 
main.py
main.py
 
 
mod2zeus.py
mod2zeus.py
 
 
param_profile.py
param_profile.py
 
 
profiler.conf
profiler.conf
 
 
profiler.py
profiler.py
 
 
resource.py
resource.py
 
 
resource_profile.py
resource_profile.py
 
 
url_parser.py
url_parser.py
 
 
url_tree.py
url_tree.py
 
 
util.py
util.py
 
 

Repository files navigation

#PyProfiler

This project aims to automatically generate modsecurity (firewall) rules from Apache access logs. The idea is that instead of using attack signatures (i.e., based on negative security model, DEFAULT ALLOW), we use the application profile (i.e., based on positive security model, DEFAULT DENY) to specify "what the normal web requests should look like". The modSecurity ruleset can also be transformed into zeus spec (.xml) that can be imported by Stingray (a commercial WAF).

##Usage:

  • edit profiler.conf: profiler.conf contains all the configurations for the profiler.
  • run: python main.py profiler.conf: provide the configuration file; the output is the modsecurity ruleset.
  • run: python mod2zeus.py: the output is the zeus spec file (.xml).

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages