Return to search

Project X : All-in-one WAF testing tool

Web Application Firewall (WAF) is used to protect the Web application (web app). One of the advantages of having WAF is, it can detect possible attacks even if there is no validation implemented on the web app. But how can WAF protect the web app if WAF itself is vulnerable? In general, four testing methods are used to test WAF such as fuzzing, payload execution, bypassing, and footprinting. There are several open-source WAF testing tools but it appears that it only offers one or two testing methods. That means a tester is required to have multiple tools and learn how each tool works to be able to test WAF using all testing methods. This project aims to solve this difficulty by developing a WAF testing tool called ProjectX that offers all testing methods. ProjectX has been tested on a testing environment and the results show that it fulfilled its requirements. Moreover, ProjectX is available on Github for any developer who want to improve or add more functionality to it.

Identiferoai:union.ndltd.org:UPSALLA1/oai:DiVA.org:lnu-97102
Date January 2020
CreatorsAnantaprayoon, Amata
PublisherLinnéuniversitetet, Institutionen för datavetenskap och medieteknik (DM)
Source SetsDiVA Archive at Upsalla University
LanguageEnglish
Detected LanguageEnglish
TypeStudent thesis, info:eu-repo/semantics/bachelorThesis, text
Formatapplication/pdf
Rightsinfo:eu-repo/semantics/openAccess

Page generated in 0.0023 seconds