Comments (5)
sandrogauci
commented on July 17, 2024
thanks for the request @kkirsche .. can you provide some details as to how it may be detected?
Is the regex for the Server header ECD \(.*?\) an effective way to detect it?
from wafw00f.
kkirsche
commented on July 17, 2024
Yes, that will detect that it's part of the distribution network which the WAF is integrated into. Also, anything that applies to ModSecurity has the potential to detect it as the solution is based on ModSecurity (disclosed on https://www.verizondigitalmedia.com/bm-waf-whitepaper/)
from wafw00f.
sandrogauci
commented on July 17, 2024
In the past, we all the ModSecurity checks resulted in false positives and false negatives; i.e. they were terrible checks. If you can come up with a good check, please do share
from wafw00f.
sandrogauci
commented on July 17, 2024
@kkirsche could you give it a test please?
from wafw00f.
kkirsche
commented on July 17, 2024
Looks correct to me. Just tested it. Thanks for implementing this 👍
from wafw00f.
Related Issues (20)
- server hacking
- Collections Mapping HOT 4
- StackPath WAF not showing up in tests. HOT 3
- Variti HOT 1
- Missing dependency HOT 2
- Question about performance HOT 9
- The wafw00f command cannot be used on the windows system HOT 3
- wafw00f no response HOT 3
- Number of requests HOT 1
- Change param name of request HOT 1
- Added request-url on which triggered WAF to json output file
- Azure Application Gateway HOT 1
- python setup.py install command not work HOT 5
- Integration HOT 1
- Error in line 22 of the main.py file HOT 3
- HTTPSConnectionPool port 443 conduct to Read timed out - response time from the server is too low? HOT 1
- Enhancing Project Performance: Asynchronous Implementation and Multithreading Support HOT 2
- Cannot check for NAXSI HOT 1
- code plugin HOT 2
- code plugin HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from wafw00f.