ModSecurity Trustwave

Projects

ModSecurity for Apache
Native implementation of the web application firewall, working as an Apache module. Both major Apache branches are supported.

ModSecurity Core Rule Set (CRS)
A collection of rules designed to detect common web application attacks, which turns ModSecurity into a Web Intrusion Detection tool. The ModSecurity Core Rules project is now an OWASP project and discussions have moved from the mod-security-users mailing list to the new owasp-modsecurity-core-rule-set mailing list.

ModSecurity Commercial Rules
ModSecurity Commercial Rules are available from expert organizations, and address or complement the OWASP Core Rule Set.

ModSecurity Support
Options for support and troubleshooting for ModSecurity deployments.

ModSecurity Demos
The ModSecurity Demo is a joint effort between the ModSecurity and PHPIDS project teams to allow users to test ModSecurity and PHPIDS. Any data is sent to a ModSecurity install for inspection by the CRS and then it will be proxied to the PHPIDS page for normal inspection and processing. The response body will then be inspected to confirm if there are any evasion issues between the CRS and PHPIDS.

ModProfiler
ModProfiler uses transaction logs to analyse traffic and create application models, which it can then export to ModSecurity rules that use a positive security model.


Ports

We are actively seeking community participation for porting ModSecurity to other web servers and platforms. If you would like to assist with any of the efforts listed below or have a new proposal, please use the ModSecurity Developers Mail-list.

Projects looking to port ModSecurity to their platform should review the ModSecurity Rules Language Porting Specification document, which lists the Level 1: Core Features that must be supported.

ModSecurity for Java (OWASP Java WAF)

The OWASP Java Web Application Firewall Team (led by Juan Carlos Calderon) is actively working to add support for the ModSecurity Rules Language.




ModSecurity for Oracle Platforms

Trustwave's SpiderLabs is actively working with Oracle on the development of ModSecurity ports for the following platforms.

Sun Java Web Server 7.0 Update 2

An experimental port of ModSecurity for the Sun Java Web Server run by Meena Vyas of Sun Microsystems.

iPlanet/SunONE

An experimental NSAPI port of ModSecurity for the iPlanet/SunONE server.

ModSecurity for Microsoft Platforms

The OWASP Java Web Application Firewall Team (led by Juan Carlos Calderon) will be working on an ASP.NET port of the owasp-waf code that will support the ModSecurity Rules Language.




ModSecurity for Nginx

Trustwave's SpiderLabs is currently seeking community assistance with developing a port of ModSecurity for the Nginx platform.

Related External Projects

Rules

REMO
REMO is a project to build a graphical rule editor for ModSecurity with a positive/whitelist approach.

Ouadjet
Ouadjet uses ModSecurity audit logs to create positive-security policies and export them as ModSecurity rules. It currently works with ModSecurity 1.9.x.

ScallyWhack
ScallyWhack is a ModSecurity-based solution to block spam posted to Trac-driven websites. It's a lightweight, fast and flexible tool which recognizes and defeats all currently known methods to spam Trac.

GotRoot Rules for ModSecurity
GotRoot maintains a large collection of rules for ModSecurity 1.9.x and 2.x.

Logging Tools

AuditConsole
The AuditConsole is a J2EE web-application which runs within a servlet container and is able to receive audit-event data from the ModSecurity module.

ModSecurity App for Splunk
Splunk for ModSecurity provides searches, reports and dashboards for the famous Apache module ModSecurity from Trustwave SpiderLabs.

WAF-FLE
WAF-FLE is an open-source console for ModSecurity. It allows the ModSecurity admin to view and search events sent by mlogc (the ModSecurity event log handler).

Modsec2sguil
Modsec2sguil is a Perl script that feeds ModSecurity audit logs to Sguil.

WeBekci
WeBekci is a web-based ModSecurity 2.x management tool. WeBekci is written in PHP; its backend is powered by MySQL and the frontend by the XAJAX framework. It is an OWASP project.