Hello sirs this is my WAF to test attacks...
is made in pure C, don't use regex or other common ways to block attacks, i follow principe KISS (Keep It Simple ), i use this to simulate attacks and bypasses at wafs... i think improve at the future add epoll() and SSL/TLS and improve DFA...
You can use it at your CTFs or vĂ*deos to explain attacks, academic purposes etc...
$ git clone https://github.com/convisoappsec/raptor
$ cd raptor; make
Up this code at your http server https://github.com/convisoappsec/rap...a/test.php#L14
This version don't suport SSL/TLS, this code have XSS to make a test...
Test waf with this
bin/Raptor -h localhost -p 80 -r 8885 -w 4 -o log_attacks.txt
param "w" is waf protection level have four modes....
Open server at http://localhost:8885/test.php
509 of atacks, detect and block 349, 68% of attacks blocked at my tests
Try attack....
https://github.com/CoolerVoid/raptor_waf more information
any suggestion, call me...
read the docs...
cheers !