Pentest Tools

Published on February 2nd, 2016 📆 | 1673 Views ⚑

0

Raptor WAF – Web Applicaiton to Train Attacks to Bypass


https://www.ispeech.org

Raptor is an Open Source Tool, yout focus is study of attacks and find intelligent ways to block attacks.
Raptor is made in pure C, don’t use regex or other common ways to block attacks, yes is diferent and fast like a raptor dinosaur, Raptor follow principle KISS (Keep It Simple), you can use Raptor to simulate attacks and bypasses at wafs.
 [adsense size='1']
WAF stands for Web Application Firewall. It is widely used nowadays to detect and defend SQL Injections and XSS...
  • You can block XSS, SQL injection attacks and path traversal with Raptor
  • You can use blacklist of IPs to block some users at config/blacklist ip.txt
  • You can use IPv6 and IPv4 at communications
  • At the future DoS protector, request limit, rule interpreter and Malware detector at uploads.
  • At the future SSL/TLS...

to run:

$ git clone https://github.com/CoolerVoid/raptor_waf
$ cd raptor_waf; make; bin/raptor

 

Example

Up some HTTPd server at port 80

$ bin/Raptor -h localhost -p 80 -r 8883 -w 4 -o loglog.txt

you can test at https://localhost:8883/test.php
[adsense size='2']

Look the docs

https://github.com/CoolerVoid/raptor_waf/blob/master/doc/raptor.pdf

Tests:

509 of attacks, detect and block 349, 68% of attacks blocked

[adsense size='3']

Download Raptor



Leave a Reply

Your email address will not be published.