Projects

ModSecurity for Apache Native implementation of the web application firewall, working as an Apache module. Both major Apache branches are supported. ModSecurity Core Rules A collection of rules designed to detect common web application attacks, which turns ModSecurity into a Web Intrusion Detection tool. ModSecurity Console ModSecurity Console is a network-based console designed to collect logs and alerts from remote ModSecurity sensors in real-time, providing security analysts with the support they need to keep their web systems secure. ModProfiler ModProfiler uses transaction logs to analyse traffic and create application models, which it can then export to ModSecurity rules that use a positive security model. Related External Projects GotRoot Rules for ModSecurity GootRoot maintains a large collection of rules for ModSecurity 1.9.x and 2.x. jwall.org Christian Bockermann wrote a number of very interesting tools, several of which are ModSecurity related: a Java library that reads ModSecurity's audit log format, a GUI application that displays contents of an audit log stream, a rule visualisation tool, and WebApplicationProfiler, which takes audit logs and builds positive security profiles out of them (with an option to export profiles to ModSecurity rules). Modsec2sguil Modsec2sguil is a Perl script that feeds ModSecurity audit logs to Sguil. Ouadjet Ouadjet uses ModSecurity audit logs to create positive-security policies and export them as ModSecurity rules. It currently works with ModSecurity 1.9.x. REMO REMO is a project to build a graphical rule editor for ModSecurity with a positive/whitelist approach. ScallyWhack ScallyWhack is a ModSecurity-based solution to block spam posted to Trac-driven websites. It's a lightweight, fast and flexible tool which recognizes and defeats all currently known methods to spam Trac. WeBekci WeBekci is a web based ModSecurity 2.x management tool. WeBekci is written in PHP, Its backend is powered by MySQL and the frontend by XAJAX framework. It is an OWASP project.