ModSecurity: Tools
Jump to navigation
Jump to search
Sumber: http://www.xiom.com/content/modsecurity-tools-enhacements
Different tools have been written to assist in using and managing ModSecurity. On this page you will find a list of them.
Add-ins
- http://www.approach.be/security-modsecurity.html - cmdLine transformation function useful to prevent evasion of command injection attacks (Marc Stern),
Monitoring
- http://www.modsecurity.org/projects/console/index.html - ModSecurity Console - a web based event collector from Breach. Free but not open source. Limited to 3 sensors.
- https://secure.jwall.org/web/audit/viewer.jsp - AuditViewer - An extermely useful open source tool from Christian Bockermann for viewing ModSecurity audit log records stored in a file. Can be used also to extract individual audit records and to resend requests.
- https://secure.jwall.org/blog/2009/01/25/1232920799926.html - Collection viewer (part of Christian Bockermann Toolbox) - provides an insight into the information in ModSecurity collections. An indenspensible tool in troublshooting complex rules which use collections.
Pembuat Rules
- https://secure.jwall.org/web/profile/ - Web Application Profile - a new concept for defininf rules using an XML based templating system. Includes an editor to create rules using the templates (Christian Bockermann)
- http://remo.netnea.com/ - REMO - Rules editor for ModSecurity (Christian Folini)
- http://www.modsecurity.org/projects/modprofiler/index.html - ModProfiler - learning engine for ModSecurity to automatically create rules (Ivan Ristic, Alpha stage)
- http://www.owasp.org/index.php/Category:OWASP_WeBekci_Project - WeBekci - A web based configuration and rules editor for ModSecurity (Bünyamin Demir). The project seems to be inactive for a while.