{"id":13577356,"url":"https://github.com/leohearts/awd-watchbird","last_synced_at":"2025-04-04T07:08:27.040Z","repository":{"id":43328338,"uuid":"256184859","full_name":"leohearts/awd-watchbird","owner":"leohearts","description":"A powerful PHP WAF for AWD","archived":false,"fork":false,"pushed_at":"2024-07-07T03:44:58.000Z","size":393,"stargazers_count":719,"open_issues_count":0,"forks_count":93,"subscribers_count":8,"default_branch":"master","last_synced_at":"2025-04-04T01:03:31.581Z","etag":null,"topics":["awd","awd-framework","ctf","php","waf","web-application-firewall"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/leohearts.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-04-16T10:40:29.000Z","updated_at":"2025-04-03T09:37:48.000Z","dependencies_parsed_at":"2024-01-16T20:28:25.255Z","dependency_job_id":"1d00698e-5d8d-48da-b683-c57a3b269107","html_url":"https://github.com/leohearts/awd-watchbird","commit_stats":null,"previous_names":[],"tags_count":11,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leohearts%2Fawd-watchbird","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leohearts%2Fawd-watchbird/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leohearts%2Fawd-watchbird/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/leohearts%2Fawd-watchbird/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/leohearts","download_url":"https://codeload.github.com/leohearts/awd-watchbird/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247135144,"owners_count":20889421,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["awd","awd-framework","ctf","php","waf","web-application-firewall"],"created_at":"2024-08-01T15:01:20.770Z","updated_at":"2025-04-04T07:08:27.018Z","avatar_url":"https://github.com/leohearts.png","language":"PHP","funding_links":[],"categories":["PHP"],"sub_categories":[],"readme":"\u003e 本项目禁止用于比赛. 如果您需要一个比赛场景下的WAF, 可以考虑[DasSecurity-Labs/AoiAWD](https://github.com/DasSecurity-Labs/AoiAWD). (但请注意规则是否允许第三方通防)\n\n\u003cp align=\"center\"\u003e\n\u003cimage style=\"height:200px;display:inline\" src=\"resources/logo.svg\" height=\"200px\" /\u003e\n\u003ch1 align=\"center\"\u003eWatchbird\u003c/h1\u003e\n\u003csmall\u003e\u003cp align=\"center\"\u003e\u003cimg src='https://img.shields.io/github/v/release/leohearts/awd-watchbird?include_prereleases'\u003e\u003c/p\u003e\u003c/small\u003e\n\u003cb\u003e\u003ci\u003e\u003cp align=\"center\"\u003eA powerful PHP WAF for AWD\u003c/p\u003e\u003c/i\u003e\u003c/b\u003e\n\u003c/p\u003e\n\n## 功能:\n\n- 易于配置(单文件, 无需加载外部js/css)\n- 可以随时开启/关闭某项防御\n- 基本防御:\n    - 数据库注入(sql injection)\n    - 文件上传(upload)\n    - 文件包含(lfi)\n    - flag关键字\n    - PHP反序列化(unserialize)\n    - 命令执行(rce)\n    - 分布式拒绝服务攻击(ddos)\n    - 请求头,请求参数(GET/POST)关键字\n    - 特殊字符\n- 深度防御:\n    - 响应检测/反向代理(默认将流量发送至本地服务器自检,可配置代理服务器IP及端口实现反代功能)\n    - 响应flag检测并返回虚假flag\n    - 基于LD_PRELOAD的指令执行保护\n    - 基于open_basedir的PHP文件操作保护\n- 网页控制台:\n    - 功能开关及配置\n    - 实时日志查看\n    - 日志流量重放, 可广播流量至指定网段, 支持提取flag自动提交\n    - RCE/文件上传/深度检测 防御通知(由于chrome无法允许不安全的网站(无SSL证书)显示通知,请使用Firefox并修改about:config中dom.webnotifications.allowinsecure为true)\n\n## 使用\n\n- 下载最新 [release](https://github.com/leohearts/awd-watchbird/releases)\n- 将waf.so,watchbird.php文件存放在/var/www/html或其他目录中\n- 将watchbird.php放在www-data可读的目录, 确保当前用户对目标目录可写, 然后执行```php watchbird.php --install [Web目录]```, 安装器将输出安装了watchbird的文件路径\n- 访问任意启用了waf的文件, 参数```?watchbird=ui```打开watchbird控制台, 创建一个初始密码\n- 如需卸载, 请在相同的位置输入```php watchbird.php --uninstall [Web目录]```, 如果您多次运行了安装, 请多次运行卸载直到卸载器无输出\n\n## 构建\n\n- `git clone https://github.com/leohearts/awd-watchbird.git`\n- 使用 `python3 pack.py` 将源码打包为单文件\n\n- 编译waf.c生成.so文件,参考命令:gcc waf.c -shared -o waf.so\n\n## 截图\n\n![Screenshot_2021-03-08 Watchbird控制台.png](https://i.loli.net/2021/03/08/DELBdIMxyCgtluf.png)\n\n![Screenshot_2021-03-08 Watchbird控制台_1_.png](https://i.loli.net/2021/03/08/6jyrWYUxIXMsqpl.png)\n\n![Screenshot_2021-03-08 Watchbird控制台_2_.png](https://i.loli.net/2021/03/08/RnY7VAZtJmIeKoX.png)\n\n## 贡献者\n\n- *Leohearts*\n- *Longlone*\n- *你* (欢迎Issue及Pull Request)\n\n\u003cb\u003e本项目的开发仅出于研究目的, 请不要在比赛中使用.\u003c/b\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fleohearts%2Fawd-watchbird","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fleohearts%2Fawd-watchbird","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fleohearts%2Fawd-watchbird/lists"}