https://github.com/zkfmapf123/waf-study

waf-study
https://github.com/zkfmapf123/waf-study

Last synced: 4 months ago
JSON representation

waf-study

Host: GitHub
URL: https://github.com/zkfmapf123/waf-study
Owner: zkfmapf123
Created: 2024-01-22T13:18:33.000Z (over 2 years ago)
Default Branch: master
Last Pushed: 2024-01-23T12:09:15.000Z (over 2 years ago)
Last Synced: 2025-03-02T22:41:54.493Z (over 1 year ago)
Language: HCL
Size: 1.53 MB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

          # WAF-Study

![waf](./public/waf.png)

## dvwa

- DVWA는 취약하게 만든 웹 환경으로 구성되어 있으며 웹 모의해킹을 진행하기위해서 사용된다.

- dvwa id/pw

```yml

    ...

    MYSQL_ROOT_PASSWORD: rootpass

    MYSQL_DATABASE: dvwa

    MYSQL_USER: dvwa            ## id

    MYSQL_PASSWORD: p@ssw0rd    ## pw

    ...

    ## clear 후

    ## admin/password

```

## 초기설정

![secu](./public/secu.png)

## WAF 설정 방법

ACL을 생성한다 (Default ACL)

![waf-1](./public/waf-1.png)

![waf-2](./public/waf-2.png)

![waf-3](./public/waf-3.png)

![waf-3.5](./public/waf-3.5png)

![waf-4](./public/waf-4.png)

![waf-6](./public/waf-6.png)

## DVWA를 활용한 공격 방법 + ACL 설정

- [SQL_injection](./attacker/SQL_injection.md)

- [만약 우선순위를 잘못준다면?](./attacker/bad_priority.md)

## Reference

-  WAF Getting Started

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Awesome

https://github.com/zkfmapf123/waf-study

Awesome Lists containing this project

README