Hello sirs this is my WAF to test attacks...
is made in pure C, don't use regex or other common ways to block attacks, i follow principe KISS (Keep It Simple ), i use this to simulate attacks and bypasses at wafs... i think improve at the future add epoll() and SSL/TLS and improve DFA...

You can use it at your CTFs or vÃ*deos to explain attacks, academic purposes etc...

$ git clone https://github.com/convisoappsec/raptor
$ cd raptor; make

Up this code at your http server https://github.com/convisoappsec/raptor/blob/master/doc/test_dfa/test.php#L14
This version don't suport SSL/TLS, this code have XSS to make a test...

Test waf with this
bin/Raptor -h localhost -p 80 -r 8885 -w 4 -o log_attacks.txt
param "w" is waf protection level have four modes....

Open server at http://localhost:8885/test.php

509 of atacks, detect and block 349, 68% of attacks blocked at my tests
http://blog.conviso.com.br/wp-content/uploads/2016/01/meta-chart1-810x540.jpeg

Try attack....

https://github.com/CoolerVoid/raptor_waf more information

any suggestion, call me...
read the docs...


cheers !

@raiden Thank you