ModSecurity is an open source, cross-platform web application firewall (WAF) module. Known as the "Swiss Army Knife" of WAFs, it enables web application defenders to gain visibility into HTTP(S) traffic and provides a power rules language and API to implement advanced protections.

ModSecurity Demonstration Projects

ModSecurity CRS Evasion Testing Demo
The ModSecurity Demo allows users to easily test the effectiveness of the OWASP CRS rules. Any data is sent to a ModSecurity install for inspection and processing. The response body will then list any rules that triggered.

XSS Mitigation with Content Injection Demo
This demo shows how to use ModSecurity's Content Injection capabilities to prepend defensive JavaScript to the top of the returned page, which will protect against unauthorized JS execution.

ModSecurity Protecting Commercial Web App Vuln Scanner Demo Sites
We have setup ModSecurity to proxy to the following 4 commercial vuln scanner demo sites:

  1. Trustwave (App Scanner) - CrackMe Bank site
  2. HP (WebInspect) - Free Bank site
  3. Acunetix (Acunetix) - Acuart site
  4. IBM (AppScan) - demo.testfire.net site
  5. Google Firing Range - Firing Range site
If ModSecurity sees any inbound attacks or outbound application defects/info leakages, it will prepend a warning banner to the top of the page.