theMiddle's repositories
CVE-2019-11043
(PoC) Python version of CVE-2019-11043 exploit by neex
nmap-elasticsearch-nse
Nmap NSE script for enumerate indices, plugins and cluster nodes on an elasticsearch target
modsecurity-to-elasticsearch
Very simple and primitive Python script that sends ModSecurity JSON Audit Logs to Elasticsearch
ReputationIP
set of bash scripts to get a list of bad reputation IP addresses
challenge-bypass-input-validation
Bypass strict input validation to exploit RCE
myLittlePuny
Python script that checks for IDN homograph on a given domain name
OWASP-CRS-PoC
Tool that helps creating PoC for testing new CRS rule and rule-set
poc-magento227-sqli
PoC SQLi on Magento 2.2.7
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
codeql-test
Test codeql
coreruleset
OWASP ModSecurity Core Rule Set (Official Repository)
jquery.terminal
jQuery Terminal Emulator - web based terminal
ModSecurity
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx that is developed by Trustwave's SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. With over 10,000 deployments world-wide, ModSecurity is the most widely deployed WAF in existence.
msc_pyparser
A ModSecurity rules parser
nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
owasp-modsecurity-crs
OWASP ModSecurity Core Rule Set (CRS) Project (Official Repository)
secrules_parsing
A parser for the SecRules Langue
wordpress-rule-exclusions-plugin
Rule exclusion plugin for WordPress.
www-project-modsecurity-core-rule-set
OWASP Foundation Web Respository
xss-cheatsheet-data
This repository contains all the XSS cheatsheet data to allow contributions from the community.