Projects

ModSecurity for Apache Native implementation of the web application firewall, working as an Apache module. Both major Apache branches are supported. ModSecurity Core Rules A collection of rules designed to detect common web application attacks, which turns ModSecurity into a Web Intrusion Detection tool. ModSecurity Console ModSecurity Console is a network-based console designed to collect logs and alerts from remote ModSecurity sensors in real-time, providing security analysts with the support they need to keep their web systems secure. Related External Projects GotRoot Rules for ModSecurity GootRoot maintains a large collection of rules for ModSecurity 1.9.x and 2.x. jwall.org Christian Bockermann wrote a number of very interesting tools, several of which are ModSecurity related: a Java library that reads ModSecurity's audit log format, a GUI application that displays contents of an audit log stream, a rule visualisation tool, and WebApplicationProfiler, which takes audit logs and builds positive security profiles out of them (with an option to export profiles to ModSecurity rules). Modsec2sguil Modsec2sguil is a Perl script that feeds ModSecurity audit logs to Sguil. Ouadjet Ouadjet uses ModSecurity audit logs to create positive-security policies and export them as ModSecurity rules. It currently works with ModSecurity 1.9.x. REMO REMO is a project to build a graphical rule editor for ModSecurity with a positive/whitelist approach. ScallyWhack ScallyWhack is a ModSecurity-based solution to block spam posted to Trac-driven websites. It's a lightweight, fast and flexible tool which recognizes and defeats all currently known methods to spam Trac. WeBekci WeBekci is a web based ModSecurity 2.x management tool. WeBekci is written in PHP, Its backend is powered by MySQL and the frontend by XAJAX framework. It is an OWASP project.