AnomalyWebApplicationFirewall is a script that used to unify access logs. The only prerequisites are that the nessesary parameters are logged and that all of the parameters are surrounded with double quotes. The outpout is saved in MongoDB which will be used as input for other scripts.
AnomalyWebApplicationFirewall
Script List:
* Unifier
This script is used to unify access logs. The only prerequisites are that the nessesary parameters are logged and that all of the parameters are surrounded with double quotes. The outpout is saved in MongoDB which will be used as input for other scripts.
* Profiler
This script is used to profile the unified script. It takes input from a given collection (MongoDB), output is also stored in MongoDB
* Firewall
This script is used to run the web application firewall (simulated) based on the created profile.
Usage:
git clone https://github.com/matthiasmaes/AnomalyWebApplicationFirewall && AnomalyWebApplicationFirewall pip2 install pymongo progressbar ip2location now you can run one by one the inside folder
Source: https://github.com/matthiasmaes