├── .github └── ISSUE_TEMPLATE │ ├── bug_report.md │ ├── custom.md │ └── feature_request.md ├── .gitignore ├── CODE_OF_CONDUCT.md ├── CONTRIBUTING.md ├── Changelog.md ├── Dockerfile ├── LICENSE ├── Makefile ├── README.md ├── README_CN.md ├── app ├── twaf_access.lua ├── twaf_api.lua ├── twaf_balancer.lua ├── twaf_body_filter.lua ├── twaf_bypass.lua ├── twaf_header_filter.lua ├── twaf_init.lua ├── twaf_init_worker.lua ├── twaf_log.lua ├── twaf_rewrite.lua └── twaf_ssl_cert.lua ├── conf ├── category.json ├── ssl │ ├── nginx.crt │ └── nginx.key ├── twaf_access_rule.json ├── twaf_api.conf ├── twaf_bypass.conf ├── twaf_default_conf.json ├── twaf_main.conf ├── twaf_policy_conf.json └── twaf_server.conf ├── dist.ini ├── doc ├── 深入研究OpenWAF之nginx配置.md ├── 深入研究OpenWAF之集成第三方模块.md ├── 轻松玩转OpenWAF之ELK.md ├── 轻松玩转OpenWAF之入门篇.md ├── 轻松玩转OpenWAF之安装篇.md └── 轻松玩转OpenWAF之常见问题.md └── lib ├── openresty ├── configure ├── lua-geoip-0.1.2 │ ├── AUTHORS │ ├── COPYRIGHT │ ├── HISTORY │ ├── Makefile │ ├── README.md │ ├── TODO │ ├── rockspec │ │ ├── lua-geoip-0.1-1.rockspec │ │ ├── lua-geoip-0.1.1-1.rockspec │ │ ├── lua-geoip-0.1.2-1.rockspec │ │ └── lua-geoip-scm-1.rockspec │ ├── src │ │ ├── city.c │ │ ├── country.c │ │ ├── database.c │ │ ├── database.h │ │ ├── lua-geoip.c │ │ └── lua-geoip.h │ └── test │ │ └── test.lua ├── lua-libinjection-3.9.1 │ ├── .Makefile.swp │ ├── .gitignore │ ├── .travis.yml │ ├── COPYING │ ├── ChangeLog │ ├── Makefile │ ├── README.md │ ├── cicada │ │ ├── StateRedis.py │ │ ├── cicada-event.py │ │ ├── cicada-pump.py │ │ ├── cicada-web.py │ │ ├── cicada.py │ │ ├── events.py │ │ ├── libinjection_test.py │ │ ├── pollers.py │ │ ├── publishers.py │ │ ├── shell.py │ │ └── sourcecontrol.py │ ├── configure-clang.sh │ ├── configure-gcc-hardened.sh │ ├── configure-gcov.sh │ ├── configure-gprof.sh │ ├── data │ │ ├── README.md │ │ ├── false_positives.txt │ │ ├── sqli-arithmetic_blind_sqli.txt │ │ ├── sqli-arithmetic_variations.txt │ │ ├── sqli-arneswinnen.net-boolean.txt │ │ ├── sqli-arneswinnen.net-time.txt │ │ ├── sqli-comparitiveprecomputation.txt │ │ ├── sqli-edb-17934.txt │ │ ├── sqli-forums.txt │ │ ├── sqli-fullqueries.txt │ │ ├── sqli-fuzz-ischi.txt │ │ ├── sqli-hackers.txt │ │ ├── sqli-ibm.txt │ │ ├── sqli-insert_attacks.txt │ │ ├── sqli-isc_sans.txt │ │ ├── sqli-misc.txt │ │ ├── sqli-mysql-implicit.txt │ │ ├── sqli-phpids.txt │ │ ├── sqli-rsalgado-bhusa2013.txt │ │ ├── sqli-spiderlabs-201107.txt │ │ ├── sqli-spiderlabs-201112.txt │ │ ├── sqli-spiderlabs-201205.txt │ │ ├── sqli-sqlmap-20130419.txt │ │ ├── sqli-sqlmap.txt │ │ ├── sqli-sqlmap_examples.txt │ │ ├── sqli-themole.txt │ │ ├── sqli-wordpress_rbarnett.txt │ │ ├── tbd-xss-github-issue-68.txt │ │ ├── xss-0x6D6172696F-394932823645503488.txt │ │ ├── xss-html5secorg.txt │ │ ├── xss-mgentile-2013.txt │ │ ├── xss-modsecurity-2013-1.txt │ │ ├── xss-modsecurity-2013-2.txt │ │ ├── xss-owasp-cheatsheet-20131120.txt │ │ ├── xss-shazzer.txt │ │ ├── xss-smoke-test.txt │ │ ├── xss-soaj1664ashar-pastebin-u6FY1xDA.txt │ │ ├── xss-soaj1664ashar.txt │ │ └── xss-xenotix.txt │ ├── go │ │ ├── Makefile │ │ └── main.go │ ├── install-sh │ ├── lua │ │ ├── .gitignore │ │ ├── Makefile │ │ ├── data2lua.py │ │ ├── generate_lua_fingerprints.py │ │ ├── libinjection.i │ │ ├── luatest.lua │ │ ├── make_test.py │ │ └── testdriver.lua │ ├── misc │ │ ├── Makefile │ │ ├── gittag.sh │ │ ├── home.md │ │ ├── logscanner.py │ │ ├── logscanner2.py │ │ ├── mdgen.sh │ │ ├── modsecurity-merge.sh │ │ ├── mysql_implicit_tests.py │ │ ├── nullserver.py │ │ ├── run_sqlmap.sh │ │ ├── sqliserver.py │ │ └── static │ │ │ ├── favicon.gif │ │ │ ├── favicon.ico │ │ │ ├── favicon.png │ │ │ └── robots.txt │ ├── php │ │ ├── Makefile │ │ ├── config.m4 │ │ ├── example.php │ │ ├── gentests.py │ │ ├── json2php.py │ │ ├── libinjection.i │ │ └── testsupport.php │ ├── python │ │ ├── Makefile │ │ ├── apitest.py │ │ ├── json2python.py │ │ ├── libinjection │ │ │ ├── __init__.py │ │ │ ├── libinjection.i │ │ │ └── sqli_fingerprints.py │ │ ├── pytest.py │ │ ├── setup.py │ │ ├── speedtest.py │ │ └── test_driver.py │ ├── run-clang-static-analyzer.sh │ ├── run-gcov-samples.sh │ ├── run-gcov-unittests.sh │ ├── src │ │ ├── .gitignore │ │ ├── Makefile │ │ ├── clang.sh │ │ ├── example1.c │ │ ├── fingerprints.txt │ │ ├── fingerprints2sqli.py │ │ ├── fptool.c │ │ ├── html5_cli.c │ │ ├── libinjection.h │ │ ├── libinjection_html5.c │ │ ├── libinjection_html5.h │ │ ├── libinjection_sqli.c │ │ ├── libinjection_sqli.h │ │ ├── libinjection_sqli_data.h │ │ ├── libinjection_xss.c │ │ ├── libinjection_xss.h │ │ ├── make_parens.py │ │ ├── reader.c │ │ ├── sqli_cli.c │ │ ├── sqlparse2c.py │ │ ├── sqlparse_data.json │ │ ├── sqlparse_map.py │ │ ├── test-cppcheck.sh │ │ ├── test-driver.sh │ │ ├── test-samples-sqli-negative.sh │ │ ├── test-samples-sqli-positive.sh │ │ ├── test-samples-xss-positive.sh │ │ ├── test-speed-sqli.sh │ │ ├── test-speed-xss.sh │ │ ├── test-unit.sh │ │ ├── test_speed_sqli.c │ │ ├── test_speed_xss.c │ │ └── testdriver.c │ ├── tags.sh │ ├── test-gprof.sh │ └── tests │ │ ├── test-folding-001.txt │ │ ├── test-folding-002.txt │ │ ├── test-folding-003.txt │ │ ├── test-folding-004.txt │ │ ├── test-folding-005.txt │ │ ├── test-folding-006.txt │ │ ├── test-folding-007.txt │ │ ├── test-folding-008.txt │ │ ├── test-folding-009.txt │ │ ├── test-folding-010.txt │ │ ├── test-folding-011.txt │ │ ├── test-folding-012.txt │ │ ├── test-folding-013.txt │ │ ├── test-folding-014.txt │ │ ├── test-folding-015.txt │ │ ├── test-folding-016.txt │ │ ├── test-folding-017.txt │ │ ├── test-folding-018.txt │ │ ├── test-folding-019.txt │ │ ├── test-folding-020.txt │ │ ├── test-folding-021.txt │ │ ├── test-folding-022.txt │ │ ├── test-folding-023.txt │ │ ├── test-folding-024.txt │ │ ├── test-folding-025.txt │ │ ├── test-folding-026.txt │ │ ├── test-folding-027.txt │ │ ├── test-folding-028.txt │ │ ├── test-folding-029.txt │ │ ├── test-folding-030.txt │ │ ├── test-folding-031.txt │ │ ├── test-folding-032.txt │ │ ├── test-folding-033.txt │ │ ├── test-folding-034.txt │ │ ├── test-folding-035.txt │ │ ├── test-folding-036.txt │ │ ├── test-folding-037.txt │ │ ├── test-folding-038.txt │ │ ├── test-folding-039.txt │ │ ├── test-folding-040.txt │ │ ├── test-folding-041.txt │ │ ├── test-folding-042.txt │ │ ├── test-folding-043.txt │ │ ├── test-folding-044.txt │ │ ├── test-folding-045.txt │ │ ├── test-folding-046.txt │ │ ├── test-folding-047.txt │ │ ├── test-folding-048.txt │ │ ├── test-folding-049.txt │ │ ├── test-folding-050.txt │ │ ├── test-folding-051.txt │ │ ├── test-folding-052.txt │ │ ├── test-folding-053.txt │ │ ├── test-folding-054.txt │ │ ├── test-folding-055.txt │ │ ├── test-folding-056.txt │ │ ├── test-folding-057.txt │ │ ├── test-folding-058.txt │ │ ├── test-folding-059.txt │ │ ├── test-folding-060.txt │ │ ├── test-folding-061.txt │ │ ├── test-folding-062.txt │ │ ├── test-folding-063.txt │ │ ├── test-folding-064.txt │ │ ├── test-folding-065.txt │ │ ├── test-folding-066.txt │ │ ├── test-folding-067.txt │ │ ├── test-folding-068.txt │ │ ├── test-folding-069.txt │ │ ├── test-folding-070.txt │ │ ├── test-folding-071.txt │ │ ├── test-folding-072.txt │ │ ├── test-folding-073.txt │ │ ├── test-folding-074.txt │ │ ├── test-folding-075.txt │ │ ├── test-folding-076.txt │ │ ├── test-folding-077.txt │ │ ├── test-folding-078.txt │ │ ├── test-folding-079.txt │ │ ├── test-folding-080.txt │ │ ├── test-folding-081.txt │ │ ├── test-folding-082.txt │ │ ├── test-folding-083.txt │ │ ├── test-folding-084.txt │ │ ├── test-folding-085.txt │ │ ├── test-folding-086.txt │ │ ├── test-folding-087.txt │ │ ├── test-folding-088.txt │ │ ├── test-folding-089.txt │ │ ├── test-folding-090.txt │ │ ├── test-folding-091.txt │ │ ├── test-folding-092.txt │ │ ├── test-folding-093.txt │ │ ├── test-folding-094.txt │ │ ├── test-folding-095.txt │ │ ├── test-folding-096.txt │ │ ├── test-folding-097.txt │ │ ├── test-folding-098.txt │ │ ├── test-folding-099.txt │ │ ├── test-folding-100.txt │ │ ├── test-folding-101.txt │ │ ├── test-folding-102.txt │ │ ├── test-folding-103.txt │ │ ├── test-folding-104.txt │ │ ├── test-folding-105.txt │ │ ├── test-folding-106.txt │ │ ├── test-folding-107.txt │ │ ├── test-folding-108.txt │ │ ├── test-folding-109.txt │ │ ├── test-folding-110.txt │ │ ├── test-folding-111.txt │ │ ├── test-folding-112.txt │ │ ├── test-folding-113.txt │ │ ├── test-folding-114.txt │ │ ├── test-folding-115.txt │ │ ├── test-folding-116.txt │ │ ├── test-folding-117.txt │ │ ├── test-html5-001.txt │ │ ├── test-html5-002.txt │ │ ├── test-html5-003.txt │ │ ├── test-html5-004.txt │ │ ├── test-html5-005.txt │ │ ├── test-html5-006.txt │ │ ├── test-html5-007.txt │ │ ├── test-html5-008.txt │ │ ├── test-html5-009.txt │ │ ├── test-html5-010.txt │ │ ├── test-html5-011.txt │ │ ├── test-html5-012.txt │ │ ├── test-html5-013.txt │ │ ├── test-html5-014.txt │ │ ├── test-html5-015.txt │ │ ├── test-html5-016.txt │ │ ├── test-html5-017.txt │ │ ├── test-html5-018.txt │ │ ├── test-html5-019.txt │ │ ├── test-html5-020.txt │ │ ├── test-html5-021.txt │ │ ├── test-html5-022.txt │ │ ├── test-html5-023.txt │ │ ├── test-html5-024.txt │ │ ├── test-html5-025.txt │ │ ├── test-html5-026.txt │ │ ├── test-html5-027.txt │ │ ├── test-html5-028.txt │ │ ├── test-html5-029.txt │ │ ├── test-html5-030.txt │ │ ├── test-html5-031.txt │ │ ├── test-html5-032.txt │ │ ├── test-html5-033.txt │ │ ├── test-html5-034.txt │ │ ├── test-html5-035.txt │ │ ├── test-html5-036.txt │ │ ├── test-html5-037.txt │ │ ├── test-html5-038.txt │ │ ├── test-html5-039.txt │ │ ├── test-html5-040.txt │ │ ├── test-html5-041.txt │ │ ├── test-html5-042.txt │ │ ├── test-html5-043.txt │ │ ├── test-html5-044.txt │ │ ├── test-html5-045.txt │ │ ├── test-html5-046.txt │ │ ├── test-html5-047.txt │ │ ├── test-html5-048.txt │ │ ├── test-html5-049.txt │ │ ├── test-html5-050.txt │ │ ├── test-html5-051.txt │ │ ├── test-html5-052.txt │ │ ├── test-html5-053.txt │ │ ├── test-html5-054.txt │ │ ├── test-html5-055.txt │ │ ├── test-html5-056.txt │ │ ├── test-html5-059.txt │ │ ├── test-html5-061.txt │ │ ├── test-html5-062.txt │ │ ├── test-html5-063.txt │ │ ├── test-html5-064.txt │ │ ├── test-html5-065.txt │ │ ├── test-html5-066.txt │ │ ├── test-sqli-001.txt │ │ ├── test-sqli-002.txt │ │ ├── test-sqli-003.txt │ │ ├── test-sqli-004.txt │ │ ├── test-sqli-005.txt │ │ ├── test-sqli-006.txt │ │ ├── test-sqli-007.txt │ │ ├── test-sqli-008.txt │ │ ├── test-sqli-009.txt │ │ ├── test-sqli-010.txt │ │ ├── test-sqli-011.txt │ │ ├── test-sqli-012.txt │ │ ├── test-sqli-013.txt │ │ ├── test-sqli-014.txt │ │ ├── test-sqli-015.txt │ │ ├── test-sqli-016.txt │ │ ├── test-sqli-017.txt │ │ ├── test-sqli-018.txt │ │ ├── test-sqli-019.txt │ │ ├── test-sqli-020.txt │ │ ├── test-sqli-021.txt │ │ ├── test-sqli-022.txt │ │ ├── test-sqli-023.txt │ │ ├── test-sqli-024.txt │ │ ├── test-sqli-025.txt │ │ ├── test-sqli-026.txt │ │ ├── test-sqli-027.txt │ │ ├── test-sqli-028.txt │ │ ├── test-sqli-029.txt │ │ ├── test-sqli-030.txt │ │ ├── test-sqli-031.txt │ │ ├── test-sqli-032.txt │ │ ├── test-sqli-033.txt │ │ ├── test-sqli-034.txt │ │ ├── test-sqli-035.txt │ │ ├── test-sqli-036.txt │ │ ├── test-sqli-037.txt │ │ ├── test-sqli-038.txt │ │ ├── test-sqli-039.txt │ │ ├── test-sqli-040.txt │ │ ├── test-sqli-041.txt │ │ ├── test-sqli-042.txt │ │ ├── test-sqli-043.txt │ │ ├── test-sqli-044.txt │ │ ├── test-sqli-045.txt │ │ ├── test-sqli-046.txt │ │ ├── test-sqli-047.txt │ │ ├── test-sqli-048.txt │ │ ├── test-sqli-049.txt │ │ ├── test-sqli-050.txt │ │ ├── test-tokens-061.txt │ │ ├── test-tokens-062.txt │ │ ├── test-tokens-backquotes-001.txt │ │ ├── test-tokens-backquotes-002.txt │ │ ├── test-tokens-backquotes-003.txt │ │ ├── test-tokens-backquotes-004.txt │ │ ├── test-tokens-backquotes-005.txt │ │ ├── test-tokens-backquotes-006.txt │ │ ├── test-tokens-backquotes-007.txt │ │ ├── test-tokens-backquotes-008.txt │ │ ├── test-tokens-backquotes-009.txt │ │ ├── test-tokens-backquotes-010.txt │ │ ├── test-tokens-backquotes-011.txt │ │ ├── test-tokens-backquotes-012.txt │ │ ├── test-tokens-braces-001.txt │ │ ├── test-tokens-braces-002.txt │ │ ├── test-tokens-chars-001.txt │ │ ├── test-tokens-chars-002.txt │ │ ├── test-tokens-chars-003.txt │ │ ├── test-tokens-chars-004.txt │ │ ├── test-tokens-chars-005.txt │ │ ├── test-tokens-chars-006.txt │ │ ├── test-tokens-cimpl-001.txt │ │ ├── test-tokens-cimpl-002.txt │ │ ├── test-tokens-cimpl-003.txt │ │ ├── test-tokens-cimpl-004.txt │ │ ├── test-tokens-comments-cstyle-001.txt │ │ ├── test-tokens-comments-cstyle-002.txt │ │ ├── test-tokens-comments-cstyle-003.txt │ │ ├── test-tokens-comments-cstyle-004.txt │ │ ├── test-tokens-comments-cstyle-005.txt │ │ ├── test-tokens-comments-cstyle-006.txt │ │ ├── test-tokens-comments-cstylenested-001.txt │ │ ├── test-tokens-comments-cstylenested-002.txt │ │ ├── test-tokens-comments-ddash-001.txt │ │ ├── test-tokens-comments-ddash-002.txt │ │ ├── test-tokens-comments-ddash-003.txt │ │ ├── test-tokens-comments-ddash-004.txt │ │ ├── test-tokens-comments-ddash-005.txt │ │ ├── test-tokens-comments-mysql-001.txt │ │ ├── test-tokens-comments-mysql-002.txt │ │ ├── test-tokens-comments-mysql-006.txt │ │ ├── test-tokens-comments-mysql-007.txt │ │ ├── test-tokens-comments-mysql-009.txt │ │ ├── test-tokens-comments-mysql-010.txt │ │ ├── test-tokens-comments-mysql-011.txt │ │ ├── test-tokens-i18n-001.txt │ │ ├── test-tokens-i18n-002.txt │ │ ├── test-tokens-i18n-003.txt │ │ ├── test-tokens-intents-001.txt │ │ ├── test-tokens-intents-002.txt │ │ ├── test-tokens-intents-003.txt │ │ ├── test-tokens-intents-004.txt │ │ ├── test-tokens-intents-005.txt │ │ ├── test-tokens-intents-006.txt │ │ ├── test-tokens-intents-007.txt │ │ ├── test-tokens-numbers-binary-001.txt │ │ ├── test-tokens-numbers-binary-002.txt │ │ ├── test-tokens-numbers-binary-003.txt │ │ ├── test-tokens-numbers-exp-001.txt │ │ ├── test-tokens-numbers-exp-002.txt │ │ ├── test-tokens-numbers-exp-003.txt │ │ ├── test-tokens-numbers-exp-004.txt │ │ ├── test-tokens-numbers-exp-005.txt │ │ ├── test-tokens-numbers-exp-006.txt │ │ ├── test-tokens-numbers-exp-007.txt │ │ ├── test-tokens-numbers-exp-008.txt │ │ ├── test-tokens-numbers-exp-009.txt │ │ ├── test-tokens-numbers-exp-010.txt │ │ ├── test-tokens-numbers-exp-011.txt │ │ ├── test-tokens-numbers-exp-012.txt │ │ ├── test-tokens-numbers-floats-001.txt │ │ ├── test-tokens-numbers-floats-002.txt │ │ ├── test-tokens-numbers-floats-003.txt │ │ ├── test-tokens-numbers-floats-004.txt │ │ ├── test-tokens-numbers-floats-005.txt │ │ ├── test-tokens-numbers-floats-006.txt │ │ ├── test-tokens-numbers-hex-001.txt │ │ ├── test-tokens-numbers-hex-002.txt │ │ ├── test-tokens-numbers-hex-003.txt │ │ ├── test-tokens-numbers-ints-001.txt │ │ ├── test-tokens-numbers-ints-002.txt │ │ ├── test-tokens-numbers-ints-003.txt │ │ ├── test-tokens-numbers-ints-004.txt │ │ ├── test-tokens-numbers-ints-005.txt │ │ ├── test-tokens-numbers-money-001.txt │ │ ├── test-tokens-numbers-money-002.txt │ │ ├── test-tokens-numbers-money-003.txt │ │ ├── test-tokens-numbers-money-004.txt │ │ ├── test-tokens-numbers-money-005.txt │ │ ├── test-tokens-numbers-money-006.txt │ │ ├── test-tokens-numbers-money-007.txt │ │ ├── test-tokens-numbers-money-008.txt │ │ ├── test-tokens-numbers-money-009.txt │ │ ├── test-tokens-numbers-money-010.txt │ │ ├── test-tokens-numbers-nan-001.txt │ │ ├── test-tokens-numbers-nan-002.txt │ │ ├── test-tokens-numbers-nan-003.txt │ │ ├── test-tokens-numbers-nan-004.txt │ │ ├── test-tokens-numbers-null-001.txt │ │ ├── test-tokens-numbers-null-002.txt │ │ ├── test-tokens-numbers-oracle-001.txt │ │ ├── test-tokens-numbers-oracle-002.txt │ │ ├── test-tokens-numbers-oracle-003.txt │ │ ├── test-tokens-numbers-oracle-004.txt │ │ ├── test-tokens-numbers-oracle-005.txt │ │ ├── test-tokens-numbers-oracle-006.txt │ │ ├── test-tokens-numbers-parser-001.txt │ │ ├── test-tokens-numbers-parser-002.txt │ │ ├── test-tokens-numbers-string-001.txt │ │ ├── test-tokens-numbers-string-002.txt │ │ ├── test-tokens-numbers-string-003.txt │ │ ├── test-tokens-numbers-string-004.txt │ │ ├── test-tokens-numbers-string-005.txt │ │ ├── test-tokens-numbers-string-006.txt │ │ ├── test-tokens-numbers-string-007.txt │ │ ├── test-tokens-numbers-string-008.txt │ │ ├── test-tokens-numbers-string-009.txt │ │ ├── test-tokens-numbers-string-010.txt │ │ ├── test-tokens-numbers-string-011.txt │ │ ├── test-tokens-numbers-string-012.txt │ │ ├── test-tokens-operators-001.txt │ │ ├── test-tokens-operators-002.txt │ │ ├── test-tokens-operators-003.txt │ │ ├── test-tokens-operators-004.txt │ │ ├── test-tokens-operators-005.txt │ │ ├── test-tokens-operators-006.txt │ │ ├── test-tokens-operators-007.txt │ │ ├── test-tokens-operators-008.txt │ │ ├── test-tokens-operators-009.txt │ │ ├── test-tokens-operators-010.txt │ │ ├── test-tokens-operators-011.txt │ │ ├── test-tokens-operators-012.txt │ │ ├── test-tokens-operators-013.txt │ │ ├── test-tokens-operators-014.txt │ │ ├── test-tokens-operators-015.txt │ │ ├── test-tokens-operators-016.txt │ │ ├── test-tokens-operators-017.txt │ │ ├── test-tokens-operators-018.txt │ │ ├── test-tokens-operators-019.txt │ │ ├── test-tokens-operators-020.txt │ │ ├── test-tokens-string-001.txt │ │ ├── test-tokens-string-003.txt │ │ ├── test-tokens-string-004.txt │ │ ├── test-tokens-string-005.txt │ │ ├── test-tokens-string-006.txt │ │ ├── test-tokens-string-007.txt │ │ ├── test-tokens-string-008.txt │ │ ├── test-tokens-string-009.txt │ │ ├── test-tokens-string-010.txt │ │ ├── test-tokens-string-011.txt │ │ ├── test-tokens-string-012.txt │ │ ├── test-tokens-string-013.txt │ │ ├── test-tokens-string-014.txt │ │ ├── test-tokens-string-015.txt │ │ ├── test-tokens-string-016.txt │ │ ├── test-tokens-string-017.txt │ │ ├── test-tokens-string-018.txt │ │ ├── test-tokens-string-019.txt │ │ ├── test-tokens-string-020.txt │ │ ├── test-tokens-string-021.txt │ │ ├── test-tokens-string-022.txt │ │ ├── test-tokens-string-023.txt │ │ ├── test-tokens-string-024.txt │ │ ├── test-tokens-string-025.txt │ │ ├── test-tokens-string-026.txt │ │ ├── test-tokens-string-027.txt │ │ ├── test-tokens-string-028.txt │ │ ├── test-tokens-string-029.txt │ │ ├── test-tokens-string-030.txt │ │ ├── test-tokens-string-031.txt │ │ ├── test-tokens-string-032.txt │ │ ├── test-tokens-string-033.txt │ │ ├── test-tokens-string-034.txt │ │ ├── test-tokens-string-035.txt │ │ ├── test-tokens-string-036.txt │ │ ├── test-tokens-string-037.txt │ │ ├── test-tokens-string-038.txt │ │ ├── test-tokens-string-039.txt │ │ ├── test-tokens-string-040.txt │ │ ├── test-tokens-string-041.txt │ │ ├── test-tokens-string-042.txt │ │ ├── test-tokens-string-043.txt │ │ ├── test-tokens-string-044.txt │ │ ├── test-tokens-string-045.txt │ │ ├── test-tokens-string-046.txt │ │ ├── test-tokens-string-047.txt │ │ ├── test-tokens-string-048.txt │ │ ├── test-tokens-string-049.txt │ │ ├── test-tokens-string-050.txt │ │ ├── test-tokens-string-051.txt │ │ ├── test-tokens-string-052.txt │ │ ├── test-tokens-string-053.txt │ │ ├── test-tokens-string-054.txt │ │ ├── test-tokens-string-055.txt │ │ ├── test-tokens-string-056.txt │ │ ├── test-tokens-string-057.txt │ │ ├── test-tokens-string-058.txt │ │ ├── test-tokens-string-059.txt │ │ ├── test-tokens-string-060.txt │ │ ├── test-tokens-string-061.txt │ │ ├── test-tokens-string-062.txt │ │ ├── test-tokens-string-063.txt │ │ ├── test-tokens-string-064.txt │ │ ├── test-tokens-string-065.txt │ │ ├── test-tokens-string-066.txt │ │ ├── test-tokens-string-067.txt │ │ ├── test-tokens-string-068.txt │ │ ├── test-tokens-string-069.txt │ │ ├── test-tokens-string-070.txt │ │ ├── test-tokens-variables-001.txt │ │ ├── test-tokens-variables-002.txt │ │ ├── test-tokens-variables-003.txt │ │ ├── test-tokens-variables-004.txt │ │ ├── test-tokens-variables-005.txt │ │ ├── test-tokens-variables-006.txt │ │ ├── test-tokens-variables-007.txt │ │ ├── test-tokens-variables-008.txt │ │ ├── test-tokens-variables-009.txt │ │ ├── test-tokens-variables-010.txt │ │ ├── test-tokens-variables-011.txt │ │ ├── test-tokens-variables-012.txt │ │ ├── test-tokens-variables-013.txt │ │ ├── test-tokens-variables-014.txt │ │ ├── test-tokens-variables-015.txt │ │ ├── test-tokens-words-002.txt │ │ ├── test-tokens-words-003.txt │ │ ├── test-tokens-words-004.txt │ │ ├── test-tokens-words-005.txt │ │ ├── test-tokens-words-006.txt │ │ ├── test-tokens-words-007.txt │ │ ├── test-tokens-words-008.txt │ │ ├── test-tokens-words-009.txt │ │ ├── test-tokens-words-010.txt │ │ ├── test-tokens-words-011.txt │ │ ├── test-tokens-words-012.txt │ │ ├── test-tokens-words-013.txt │ │ ├── test-tokens-words-014.txt │ │ ├── test-tokens-words-015.txt │ │ ├── test-tokens-words-016.txt │ │ ├── test-tokens-words-017.txt │ │ ├── test-tokens-words-018.txt │ │ ├── test-tokens-words-019.txt │ │ ├── test-tokens-words-020.txt │ │ ├── test-tokens-words-021.txt │ │ ├── test-tokens-words-023.txt │ │ ├── test-tokens-words-024.txt │ │ └── test-tokens-words-025.txt ├── lua-resty-iputils-0.2.1 │ ├── .gitignore │ ├── LICENSE.txt │ ├── Makefile │ ├── README.md │ ├── lib │ │ └── resty │ │ │ └── iputils.lua │ ├── lua-resty-iputils-0.2.1-1.rockspec │ ├── t │ │ ├── 01-ip2bin.t │ │ ├── 02-cidr.t │ │ └── 03-misc.t │ └── util │ │ └── lua-releng.pl ├── lua-resty-libinjection-0.1 │ ├── LICENSE │ ├── Makefile │ ├── README.md │ └── lib │ │ └── resty │ │ └── libinjection.lua ├── lua-resty-logger-socket-0.03 │ ├── .gitignore │ ├── Makefile │ ├── README.md │ ├── lib │ │ └── resty │ │ │ └── logger │ │ │ └── socket.lua │ ├── t │ │ ├── bug.t │ │ ├── cert │ │ │ ├── test.crt │ │ │ └── test.key │ │ ├── flush.t │ │ ├── proto.t │ │ ├── sanity.t │ │ └── timeout.t │ └── valgrind.suppress ├── lua-upstream-cache-nginx-module-0.1.1 │ ├── .gitignore │ ├── LICENSE │ ├── README │ ├── config │ ├── src │ │ ├── ddebug.h │ │ ├── ngx_http_lua_cache_control.c │ │ ├── ngx_http_lua_cache_control.h │ │ └── ngx_http_lua_cache_module.c │ └── t │ │ └── 00-simple.t ├── ngx-http-waf-variables-module-0.01 │ ├── config │ └── ngx_http_twaf_variables_module.c ├── ngx_openwaf.conf └── transforms │ ├── Makefile │ └── transforms.c ├── resty └── logger │ ├── file_access.lua │ └── file_security.lua └── twaf ├── inc ├── action.lua ├── cidr.lua ├── knowledge_db │ ├── geo_country │ │ ├── GeoIP.dat │ │ └── GeoIPv6.dat │ └── twrules │ │ ├── rules.json │ │ └── rules.lua ├── operators.lua ├── opts.lua ├── request.lua ├── transforms.lua └── twaf_func.lua ├── twaf_access_rule.lua ├── twaf_anti_cc ├── twaf_anti_cc.lua ├── twaf_cc_analyze.lua ├── twaf_cc_res.lua └── twaf_cc_trigger_cond.lua ├── twaf_anti_mal_crawler.lua ├── twaf_api.lua ├── twaf_api ├── access_rule.lua ├── config.lua ├── dynamic_config.lua ├── info.lua ├── load_system_rules.lua ├── policy.lua ├── pset.lua ├── rule_set.lua ├── rules.lua ├── stat.lua ├── system_rules_exclude.lua └── user_defined_rules.lua ├── twaf_attack_response.lua ├── twaf_balancer.lua ├── twaf_conf.lua ├── twaf_core.lua ├── twaf_log.lua ├── twaf_reqstat.lua ├── twaf_secrules.lua └── twaf_ssl_cert.lua /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Bug report 3 | about: Create a report to help us improve 4 | 5 | --- 6 | 7 | **Describe the bug** 8 | A clear and concise description of what the bug is. 9 | 10 | **To Reproduce** 11 | Steps to reproduce the behavior: 12 | 1. Go to '...' 13 | 2. Click on '....' 14 | 3. Scroll down to '....' 15 | 4. See error 16 | 17 | **Expected behavior** 18 | A clear and concise description of what you expected to happen. 19 | 20 | **Screenshots** 21 | If applicable, add screenshots to help explain your problem. 22 | 23 | **Desktop (please complete the following information):** 24 | - OS: [e.g. iOS] 25 | - Browser [e.g. chrome, safari] 26 | - Version [e.g. 22] 27 | 28 | **Smartphone (please complete the following information):** 29 | - Device: [e.g. iPhone6] 30 | - OS: [e.g. iOS8.1] 31 | - Browser [e.g. stock browser, safari] 32 | - Version [e.g. 22] 33 | 34 | **Additional context** 35 | Add any other context about the problem here. 36 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/custom.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Custom issue template 3 | about: Describe this issue template's purpose here. 4 | 5 | --- 6 | 7 | 8 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/feature_request.md: -------------------------------------------------------------------------------- 1 | --- 2 | name: Feature request 3 | about: Suggest an idea for this project 4 | 5 | --- 6 | 7 | **Is your feature request related to a problem? Please describe.** 8 | A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] 9 | 10 | **Describe the solution you'd like** 11 | A clear and concise description of what you want to happen. 12 | 13 | **Describe alternatives you've considered** 14 | A clear and concise description of any alternative solutions or features you've considered. 15 | 16 | **Additional context** 17 | Add any other context or screenshots about the feature request here. 18 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Compiled Lua sources 2 | luac.out 3 | 4 | # luarocks build files 5 | *.src.rock 6 | *.zip 7 | *.tar.gz 8 | 9 | # Object files 10 | *.o 11 | *.os 12 | *.ko 13 | *.obj 14 | *.elf 15 | 16 | # Precompiled Headers 17 | *.gch 18 | *.pch 19 | 20 | # Libraries 21 | *.lib 22 | *.a 23 | *.la 24 | *.lo 25 | *.def 26 | *.exp 27 | 28 | # Shared objects (inc. Windows DLLs) 29 | *.dll 30 | *.so 31 | *.so.* 32 | *.dylib 33 | 34 | # Executables 35 | *.exe 36 | *.out 37 | *.app 38 | *.i*86 39 | *.x86_64 40 | *.hex 41 | 42 | -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- 1 | English Mailing List 2 | -------------------- 3 | 4 | The [OpenWAF-en](https://groups.google.com/group/openwaf-en) mailing list is for English speakers. 5 | 6 | Chinese Mailing List 7 | -------------------- 8 | 9 | The [OpenWAF-cn](https://groups.google.com/group/openwaf-cn) mailing list is for Chinese speakers. 10 | 11 | Personal QQ Mail 12 | ---------------- 13 | 14 | 290557551@qq.com 15 | 16 | QQ Group 17 | --------- 18 | 19 | 579790127 20 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | OPENWAF_PREFIX = $(PWD) 2 | SRCDIR = $(OPENWAF_PREFIX)/lib/openresty 3 | DESTDIR = $(OPENWAF_PREFIX)/lib/resty 4 | 5 | CC = gcc 6 | CFLAGS=-fpic -Wall -O3 7 | LFLAGS=-shared 8 | 9 | SO_LIBS = transforms.so 10 | MAKE_LIBS = transforms 11 | INSTALL_LIBS = install-transforms 12 | CLEAN_LIBS = clean-transforms 13 | 14 | all: $(MAKE_LIBS) 15 | 16 | transforms: 17 | cd $(SRCDIR)/transforms && make 18 | 19 | 20 | clean: $(CLEAN_LIBS) 21 | 22 | clean-libs: 23 | cd $(DESTDIR) && rm $(SO_LIBS) 24 | 25 | clean-transforms: 26 | cd $(SRCDIR)/transforms && make clean 27 | 28 | 29 | install: $(INSTALL_LIBS) install-check 30 | 31 | install-transforms: 32 | cd $(SRCDIR)/transforms && make install DESTDIR=$(DESTDIR) 33 | 34 | install-check: 35 | stat $(DESTDIR)/*.so > /dev/null -------------------------------------------------------------------------------- /app/twaf_access.lua: -------------------------------------------------------------------------------- 1 | twaf:run(twaf) 2 | -------------------------------------------------------------------------------- /app/twaf_api.lua: -------------------------------------------------------------------------------- 1 | local api = require "lib.twaf.twaf_api" 2 | api:content(twaf) 3 | -------------------------------------------------------------------------------- /app/twaf_balancer.lua: -------------------------------------------------------------------------------- 1 | twaf:run(twaf) 2 | -------------------------------------------------------------------------------- /app/twaf_body_filter.lua: -------------------------------------------------------------------------------- 1 | return twaf:run(twaf) 2 | -------------------------------------------------------------------------------- /app/twaf_bypass.lua: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/titansec/OpenWAF/7de3c07bfdadac7fdf4bd831bf541a18a988ad30/app/twaf_bypass.lua -------------------------------------------------------------------------------- /app/twaf_header_filter.lua: -------------------------------------------------------------------------------- 1 | twaf:run(twaf) 2 | -------------------------------------------------------------------------------- /app/twaf_init_worker.lua: -------------------------------------------------------------------------------- 1 | twaf:run(twaf) -------------------------------------------------------------------------------- /app/twaf_log.lua: -------------------------------------------------------------------------------- 1 | twaf:run(twaf) -------------------------------------------------------------------------------- /app/twaf_rewrite.lua: -------------------------------------------------------------------------------- 1 | twaf:run(twaf) 2 | -------------------------------------------------------------------------------- /app/twaf_ssl_cert.lua: -------------------------------------------------------------------------------- 1 | twaf:run(twaf) 2 | -------------------------------------------------------------------------------- /conf/category.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/titansec/OpenWAF/7de3c07bfdadac7fdf4bd831bf541a18a988ad30/conf/category.json -------------------------------------------------------------------------------- /conf/twaf_api.conf: -------------------------------------------------------------------------------- 1 | server { 2 | listen 127.0.0.1:61111; 3 | server_name nosuchdomain; 4 | access_log off; 5 | 6 | location / { 7 | stub_status on; 8 | allow 127.0.0.0/8; 9 | deny all; 10 | } 11 | 12 | location /api { 13 | content_by_lua_file /opt/OpenWAF/app/twaf_api.lua; 14 | allow 127.0.0.0/8; 15 | deny all; 16 | } 17 | } 18 | -------------------------------------------------------------------------------- /conf/twaf_bypass.conf: -------------------------------------------------------------------------------- 1 | rewrite_by_lua_file /opt/OpenWAF/app/twaf_bypass.lua; 2 | access_by_lua_file /opt/OpenWAF/app/twaf_bypass.lua; 3 | header_filter_by_lua_file /opt/OpenWAF/app/twaf_bypass.lua; 4 | body_filter_by_lua_file /opt/OpenWAF/app/twaf_bypass.lua; 5 | log_by_lua_file /opt/OpenWAF/app/twaf_bypass.lua; -------------------------------------------------------------------------------- /conf/twaf_main.conf: -------------------------------------------------------------------------------- 1 | lua_shared_dict twaf_shm 50m; 2 | lua_shared_dict twaf_limit_conn 5m; 3 | lua_shared_dict twaf_reqstat 1m; 4 | lua_shared_dict CC 5m; 5 | lua_shared_dict twaf_anti_web_tamper 5m; 6 | lua_shared_dict twaf_apisg_flow 5m; 7 | lua_shared_dict twaf_dpm 5m; 8 | lua_shared_dict twaf_access_rule 2m; 9 | 10 | lua_package_path "/opt/OpenWAF/?.lua;/opt/OpenWAF/lib/?.lua;;"; 11 | lua_package_cpath "/opt/OpenWAF/lib/resty/?.so;;"; 12 | init_by_lua_file /opt/OpenWAF/app/twaf_init.lua; 13 | init_worker_by_lua_file /opt/OpenWAF/app/twaf_init_worker.lua; 14 | 15 | variables_hash_max_size 4096; 16 | variables_hash_bucket_size 512; 17 | 18 | lua_capture_error_log 32m; 19 | lua_need_request_body on; 20 | 21 | map $http_upgrade $connection_upgrade { 22 | default upgrade; 23 | '' ""; 24 | } -------------------------------------------------------------------------------- /conf/twaf_policy_conf.json: -------------------------------------------------------------------------------- 1 | { 2 | "twaf_global":{ 3 | "simulation":false 4 | }, 5 | "twaf_secrules":{ 6 | "state": true, 7 | "rules_id" : { 8 | }, 9 | "user_defined_rules": [ 10 | ], 11 | "disable_vars":[ 12 | ] 13 | }, 14 | "twaf_anti_mal_crawler":{ 15 | "state":true, 16 | "force_scan_robots_state":true 17 | }, 18 | "twaf_limit_conn": { 19 | "state":true, 20 | "trigger_thr":{ 21 | "req_flow_max":107374182, 22 | "req_count_max":10000 23 | }, 24 | "clean_thr":{ 25 | "new_conn_max":40, 26 | "conn_max":100, 27 | "req_max":50, 28 | "uri_frequency_max": 3000 29 | }, 30 | "attacks": 1, 31 | "action":"DENY", 32 | "action_meta":403 33 | } 34 | } -------------------------------------------------------------------------------- /conf/twaf_server.conf: -------------------------------------------------------------------------------- 1 | rewrite_by_lua_file /opt/OpenWAF/app/twaf_rewrite.lua; 2 | access_by_lua_file /opt/OpenWAF/app/twaf_access.lua; 3 | header_filter_by_lua_file /opt/OpenWAF/app/twaf_header_filter.lua; 4 | body_filter_by_lua_file /opt/OpenWAF/app/twaf_body_filter.lua; 5 | log_by_lua_file /opt/OpenWAF/app/twaf_log.lua; 6 | 7 | set $twaf_upstream_server ""; 8 | set $twaf_attack_info ""; 9 | set $twaf_cache_flag 1; -------------------------------------------------------------------------------- /dist.ini: -------------------------------------------------------------------------------- 1 | name = OpenWAF 2 | abstract = The first all-round open source Web security protection system. 3 | version = 0.0.5 4 | author = Jian Qi (Miracle) 5 | is_original = yes 6 | license = apache2 7 | repo_link = https://github.com/titansec/OpenWAF 8 | lib_dir = lib 9 | main_module = lib/twaf/twaf_core.lua -------------------------------------------------------------------------------- /doc/深入研究OpenWAF之集成第三方模块.md: -------------------------------------------------------------------------------- 1 | Name 2 | ==== 3 | 4 | OpenWAF是一个Web安全防护框架,支持集成第三方模块 5 | 6 | 本篇将以一个实例来展示OpenWAF如何添加第三方模块 7 | -------------------------------------------------------------------------------- /doc/轻松玩转OpenWAF之常见问题.md: -------------------------------------------------------------------------------- 1 | Name 2 | ==== 3 | 4 | 在安装和使用OpenWAF的过程中,不同的环境,不同的场景都会碰到不同的问题,很多问题是重复的,因此在这里记录,供他人参考 5 | 6 | [端口问题](#端口问题) 7 | 8 | 端口问题 9 | ======= 10 | 11 | port_in_redirect 12 | ---------------- 13 | 14 | ``` 15 | 场景描述: 16 | 17 |       应用发布在 80 端口 nginx 监听 8800 端口 18 |        lb(负载均衡)        ---->     OpenWaf (转发请求)     ------>     tomcat 19 |     20 | 21 |    tomcat 发起重定向,客户端会显示 nginx 的端口 8800,导致访问失败 22 |     23 | 原因分析: 24 | 25 |    抓包发现,tomcat 返回给 nginx 响应,带有 Location 头,其中端口是 80 26 |    但 nginx 返回给 lb,将 Location 中的端口进行了替换 27 |     28 | 解决方式: 29 | 30 | Syntax: port_in_redirect on | off; 31 | Default: port_in_redirect on; 32 | Context: http, server, location 33 | 34 | Enables or disables specifying the port in absolute redirects issued by nginx. 35 | 36 | port_in_redirect 默认是 on,会替换端口,只需设为 off,即可正常访问。 37 | ``` 38 | 39 | 40 | 41 | -------------------------------------------------------------------------------- /lib/openresty/lua-geoip-0.1.2/AUTHORS: -------------------------------------------------------------------------------- 1 | lua-geoip bindings authors: 2 | --------------------------- 3 | 4 | Alexander Gladysh 5 | Vladimir Dronnikov 6 | 7 | Contributors: 8 | ------------- 9 | 10 | Lorenzo Pistone 11 | Mike Trinkala 12 | Vadim A. Misbakh-Soloviov 13 | Marcin Deranek 14 | -------------------------------------------------------------------------------- /lib/openresty/lua-geoip-0.1.2/HISTORY: -------------------------------------------------------------------------------- 1 | Version 0.1.2 (2012-03-10) 2 | ========================== 3 | 4 | * GEOIP_MEMORY_CACHE is now a default option when opening a DB. 5 | * Fixed some compiler warnings. 6 | * Improved tests. 7 | 8 | Version 0.1.1 (2011-03-09) 9 | ========================== 10 | 11 | * Made code more compatible with C89. 12 | * Charset parameter no longer ignored in `city.open()` and `country.open()`. 13 | 14 | Version 0.1 (2011-03-07) 15 | ======================== 16 | 17 | Initial release. 18 | -------------------------------------------------------------------------------- /lib/openresty/lua-geoip-0.1.2/Makefile: -------------------------------------------------------------------------------- 1 | LUA_VERSION=5.1 2 | PREFIX?=/usr/local 3 | INSTALL?= install 4 | LUA_LIB_DIR?=$(PREFIX)/lib/lua/$(LUA_VERSION) 5 | LUA_FLAGS=-I$(LUA_INCLUDE_DIR) 6 | CFLAGS=-Wall -fPIC -O3 7 | 8 | all: prepare geoip/geoip.so geoip/country.so geoip/city.so 9 | 10 | prepare: 11 | mkdir -p geoip 12 | 13 | geoip/geoip.so: src/database.o src/lua-geoip.o 14 | geoip/country.so: src/database.o src/country.o 15 | geoip/city.so: src/database.o src/city.o 16 | 17 | .c.o: 18 | $(CC) $(CFLAGS) $(LUA_FLAGS) -Isrc/ -c $^ -o $@ 19 | 20 | %.so: 21 | $(CC) -shared -lGeoIP $^ -o $@ 22 | 23 | install: all 24 | $(INSTALL) -d $(DESTDIR)/$(LUA_LIB_DIR)/geoip 25 | $(INSTALL) geoip/* $(DESTDIR)/$(LUA_LIB_DIR)/geoip 26 | 27 | clean: 28 | rm -rf geoip 29 | rm -f src/*.o 30 | 31 | .SUFFIXES: .c .o .so 32 | -------------------------------------------------------------------------------- /lib/openresty/lua-geoip-0.1.2/TODO: -------------------------------------------------------------------------------- 1 | TODO: 2 | ----- 3 | 4 | -- Document current API. 5 | -- Fix file headers. 6 | -- Run splint all over it, and fix errors. 7 | -- Generalize copy-pasted DB handling code 8 | -- Support GEOIP_COUNTRY_EDITION_V6 somehow (separate db type?) 9 | -- consider removing db type constants from binding 10 | -- Support regions. 11 | -- Bind whole API. 12 | -- Capture not only stderr, but stdin as well, 13 | libgeoip spams there as well. 14 | -- Write better tests. 15 | -- Open by DB type leaks 18KB+ (that's how libgeoip written). 16 | -- Add a luajit.ffi binding 17 | -------------------------------------------------------------------------------- /lib/openresty/lua-geoip-0.1.2/src/database.h: -------------------------------------------------------------------------------- 1 | /* 2 | * database.h: Bindings for MaxMind's GeoIP library 3 | * See copyright information in file COPYRIGHT. 4 | */ 5 | 6 | #ifndef LUAGEOIP_DATABASE_H_ 7 | #define LUAGEOIP_DATABASE_H_ 8 | 9 | #define LUAGEOIP_COUNTRY_MT "lua-geoip.db.country" 10 | #define LUAGEOIP_CITY_MT "lua-geoip.db.city" 11 | 12 | int luageoip_common_open_db( 13 | lua_State * L, 14 | const luaL_Reg * M, 15 | int default_type, 16 | int default_flags, 17 | const char * mt_name, 18 | unsigned int bad_flags, 19 | size_t num_allowed_types, 20 | const int * allowed_types 21 | ); 22 | 23 | #endif /* LUAGEOIP_DATABASE_H_ */ 24 | -------------------------------------------------------------------------------- /lib/openresty/lua-geoip-0.1.2/src/lua-geoip.h: -------------------------------------------------------------------------------- 1 | /* 2 | * lua-geoip.h: Bindings for MaxMind's GeoIP library 3 | * See copyright information in file COPYRIGHT. 4 | */ 5 | 6 | #ifndef LUAGEOIP_LUA_GEOIP_H_ 7 | #define LUAGEOIP_LUA_GEOIP_H_ 8 | 9 | #if defined (__cplusplus) 10 | extern "C" { 11 | #endif 12 | 13 | #include 14 | #include 15 | 16 | #ifndef luaL_checkint 17 | #define luaL_checkint(L,n) luaL_checkinteger(L,n) 18 | #endif 19 | 20 | #ifndef luaL_optint 21 | #define luaL_optint(L,n,s) luaL_optinteger(L,n,s) 22 | #endif 23 | 24 | #if defined (__cplusplus) 25 | } 26 | #endif 27 | 28 | #include 29 | #include 30 | 31 | typedef struct luageoip_DB 32 | { 33 | GeoIP * pGeoIP; 34 | } luageoip_DB; 35 | 36 | #endif /* LUAGEOIP_LUA_GEOIP_H */ 37 | -------------------------------------------------------------------------------- /lib/openresty/lua-libinjection-3.9.1/.Makefile.swp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/titansec/OpenWAF/7de3c07bfdadac7fdf4bd831bf541a18a988ad30/lib/openresty/lua-libinjection-3.9.1/.Makefile.swp -------------------------------------------------------------------------------- /lib/openresty/lua-libinjection-3.9.1/.gitignore: -------------------------------------------------------------------------------- 1 | *~ 2 | *.pyc 3 | *.dSYM 4 | c/#* 5 | *.plist 6 | *.info 7 | *.gch 8 | 9 | # gnu autotest 10 | *.trs 11 | 12 | #aclocal.m4 13 | app.info 14 | autom4te.cache 15 | #compile 16 | config.h 17 | #config.h.in 18 | #config.guess 19 | config.log 20 | config.status 21 | #config.sub 22 | #configure 23 | configure.scan 24 | coverage_report 25 | #depcomp 26 | #install-sh 27 | #libtool 28 | #ltmain.sh 29 | #Makefile.in 30 | #m4 31 | #missing 32 | stamp-h1 33 | *~ 34 | *.html 35 | *.log 36 | *.o 37 | *.la 38 | *.so* 39 | *.a 40 | .deps 41 | *.tar* 42 | *.zip 43 | *.lo 44 | *.gcno 45 | *.gcda 46 | -------------------------------------------------------------------------------- /lib/openresty/lua-libinjection-3.9.1/.travis.yml: -------------------------------------------------------------------------------- 1 | language: c 2 | 3 | script: 4 | - make -e check 5 | -------------------------------------------------------------------------------- /lib/openresty/lua-libinjection-3.9.1/Makefile: -------------------------------------------------------------------------------- 1 | 2 | SUBDIRS=src 3 | 4 | LUA_VERSION = 5.1 5 | TARGET = libinjection.so 6 | PREFIX ?= /usr/local 7 | LUA_LIB_DIR ?= $(PREFIX)/lib/lua/$(LUA_VERSION) 8 | EXECPERM = 755 9 | 10 | install: 11 | (cd lua; $(MAKE)) 12 | mkdir -p $(DESTDIR)/$(LUA_LIB_DIR) 13 | rm -f $(DESTDIR)/$(LUA_LIB_DIR)/$(TARGET) 14 | cp lua/$(TARGET) $(DESTDIR)/$(LUA_LIB_DIR) 15 | chmod $(EXECPERM) $(DESTDIR)/$(LUA_LIB_DIR)/$(TARGET) 16 | 17 | all: 18 | (cd src; ${MAKE} all) 19 | check: 20 | (cd src; ${MAKE} check) 21 | clean: 22 | (cd src; ${MAKE} clean) 23 | 24 | #.PHONY: all check clean 25 | .PHONY: install 26 | -------------------------------------------------------------------------------- /lib/openresty/lua-libinjection-3.9.1/cicada/cicada-event.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | 3 | import logging 4 | import sys 5 | from StateRedis import StateRedis 6 | 7 | if __name__ == '__main__': 8 | logging.basicConfig(level=logging.DEBUG) 9 | connection = StateRedis() 10 | eventname = sys.argv[1] 11 | logging.debug("Adding event %s", eventname) 12 | connection.event_put(eventname) 13 | -------------------------------------------------------------------------------- /lib/openresty/lua-libinjection-3.9.1/cicada/cicada-pump.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python 2 | 3 | import logging 4 | import time 5 | 6 | import cicada 7 | 8 | if __name__ == '__main__': 9 | logging.basicConfig(level=logging.DEBUG) 10 | while True: 11 | cicada.pump() 12 | time.sleep(60) 13 | -------------------------------------------------------------------------------- /lib/openresty/lua-libinjection-3.9.1/cicada/shell.py: -------------------------------------------------------------------------------- 1 | import logging 2 | import subprocess 3 | 4 | class ExecuteShell(object): 5 | """ 6 | Executes a bash script 7 | """ 8 | def __init__(self, script): 9 | self.script = script 10 | 11 | def run(self, name): 12 | logging.info("Shell exec at {0}".format(name)) 13 | p = subprocess.Popen(['/bin/bash', '-v', '-c', self.script], 14 | cwd=name, 15 | stdout = subprocess.PIPE, 16 | stderr = subprocess.STDOUT, 17 | shell=False) 18 | (sout, serr) = p.communicate() 19 | 20 | return (sout, serr, p.returncode) 21 | -------------------------------------------------------------------------------- /lib/openresty/lua-libinjection-3.9.1/configure-clang.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | set -e 3 | # 4 | # adjust as needed for your clang setup 5 | # 6 | # -Wno-padded padding can change by OS/version this check is really 7 | # for embedded systems so it's ok to skip 8 | # 9 | # -Wno-covered-switch-default Don't warn if we have a switch that 10 | # covers all of an enum AND we have a default. enums are only losely 11 | # typed, it's good to have a default: assert(0) in case someone does 12 | # a bad cast, etc also this conflicts with GCC checks. 13 | # 14 | make clean 15 | export CC=clang 16 | export CFLAGS="-g -ansi -fpic -O3 -Weverything -Wno-unused-macros -Wno-padded -Wno-covered-switch-default" 17 | make check 18 | -------------------------------------------------------------------------------- /lib/openresty/lua-libinjection-3.9.1/configure-gcc-hardened.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | set -e 3 | # 4 | # See https://wiki.debian.org/Hardening for details 5 | # 6 | # -Wno-padded padding can change by OS/version this check is really 7 | # for embedded systems so it's ok to skip 8 | # 9 | # -Wno-covered-switch-default Don't warn if we have a switch that 10 | # covers all of an enum AND we have a default. enums are only losely 11 | # typed, it's good to have a default: assert(0) in case someone does 12 | # a bad cast, etc also this conflicts with GCC checks. 13 | # 14 | make clean 15 | export CFLAGS="-g -O3 -pie -fPIE -fPIC -fstack-protector --param ssp-buffer-size=4 -Wall -Wextra -Wformat -Wformat-security -Werror -Wcast-align -Wshadow -Wpointer-arith -Wcast-qual -Wstack-protector -D_FORTIFY_SOURCE=2 -ansi -pedantic" 16 | make -e 17 | -------------------------------------------------------------------------------- /lib/openresty/lua-libinjection-3.9.1/configure-gcov.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | set -e 3 | # 4 | # gprof build 5 | # 6 | make clean 7 | export CC=gcc 8 | export CFLAGS="-ansi -g -O0 -fprofile-arcs -ftest-coverage -Wall -Wextra" 9 | make -e 10 | 11 | 12 | -------------------------------------------------------------------------------- /lib/openresty/lua-libinjection-3.9.1/configure-gprof.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | set -e 3 | # 4 | # gprof build 5 | # 6 | make clean 7 | export CFLAGS="-O2 -pg -ansi" 8 | make -e 9 | 10 | -------------------------------------------------------------------------------- /lib/openresty/lua-libinjection-3.9.1/data/README.md: -------------------------------------------------------------------------------- 1 | Files in this directory are sample input for SQLi or false positives 2 | 3 | Lines that are empty or start with `#` ignored. Otherwise they should 4 | be URL-encoded "user input" as might be found in query string. 5 | 6 | Each of the `sqli-\*.txt` files should generate a sqli match (with a few 7 | outliers). 8 | 9 | The `false-positive.txt` file are inputs that in the process of 10 | development where falsely marked as sqli. 11 | 12 | 13 | -------------------------------------------------------------------------------- /lib/openresty/lua-libinjection-3.9.1/data/sqli-arithmetic_blind_sqli.txt: -------------------------------------------------------------------------------- 1 | # Not sure of orginal source 2 | # attributed to David Litchfield 3 | # 4 | 234+%2B+%281+%2F+ASCII%28substring%28passwd%2C1%2C1%29%29-4%29 5 | foo%27+%2B+%281+%2F+ASCII%28substring%28passwd%2C1%2C1%29%29-4%29-- 6 | 7 | 456+%2B+ASCII%28substring%28passwd%2C1%2C1%29%29-10 8 | foo%27%2B+ASCII%28substring%28passwd%2C1%2C1%29%29-10-- 9 | 10 | # overflow 11 | 123%2B+%28%280+%2F+ascii%28substring%28passwd%2C1%2C1%29%29+%2A+4294967296%29 12 | -------------------------------------------------------------------------------- /lib/openresty/lua-libinjection-3.9.1/data/sqli-arneswinnen.net-boolean.txt: -------------------------------------------------------------------------------- 1 | # 2 | # from http://www.arneswinnen.net/2013/09/automated-sql-injection-detection/ 3 | # 4 | 999999 or 1=1 or 1=1 5 | ' or 1=1 or '1'='1 6 | " or 1=1 or "1"="1 7 | 999999) or 1=1 or (1=1 8 | ') or 1=1 or ('1'='1 9 | ") or 1=1 or ("1"="1 10 | 999999)) or 1=1 or ((1=1 11 | ')) or 1=1 or (('1'='1 12 | ")) or 1=1 or (("1"="1 13 | 999999))) or 1=1 or (((1 14 | '))) or 1=1 or ((('1'='1 15 | "))) or 1=1 or ((("1"="1 16 | -------------------------------------------------------------------------------- /lib/openresty/lua-libinjection-3.9.1/data/sqli-comparitiveprecomputation.txt: -------------------------------------------------------------------------------- 1 | # http://www.blackhatlibrary.net/Comparative_precomputation 2 | ascii(substring(version() from 1 for 1)) 3 | length((select length(version()))) 4 | ascii(substring(length(version()),1,1)) 5 | (select id from (select id,@v:=@v+1 as pos from articles y join (select @v:=0) k limit 255) x where pos=1) 6 | (select id from (select id,@v:=@v+1 as pos from articles y join (select @v:=0) k limit 255) x where pos=ascii(substring(version() from 1 for 1))) 7 | vulnerable_site' and 1=5 or title=() #' 8 | conv(hex(substr(version() FROM 1 FOR 2)),16,10) 9 | conv(hex(substr(version() FROM 1 FOR 2)),16,10) >> 0x6 10 | conv(hex(substr(version() FROM 2 FOR 2)),16,10) << 0x2 >> 0x6 11 | uncompress(compress(version())) 12 | LENGTH(compress(version())) 13 | LENGTH(version()) 14 | LENGTH(load_file('/etc/passwd')) 15 | LENGTH(compress(load_file('/etc/passwd'))) 16 | -------------------------------------------------------------------------------- /lib/openresty/lua-libinjection-3.9.1/data/sqli-ibm.txt: -------------------------------------------------------------------------------- 1 | # various things for http://www-01.ibm.com/support/knowledgecenter/SSGU8G_11.50.0/com.ibm.sqls.doc/ids_sqs_1526.htm 2 | # 3 | UNION ALL SELECT FileToClob("/etc/passwd", "server")::html,0 4 | UNION ALL SELECT FileToBlob("/etc/passwd", "server")::html,0 5 | -------------------------------------------------------------------------------- /lib/openresty/lua-libinjection-3.9.1/data/sqli-isc_sans.txt: -------------------------------------------------------------------------------- 1 | # http://isc.sans.edu/diary.html?storyid=12127 2 | 189%27%29%29%2F%2A%2A%2For%2F%2A%2A%2F1%3D%40%40version------snip---- 3 | 189%29%2F%2A%2A%2For%2F%2A%2A%2F1%3D%40%40version--------snip---- 4 | 189%2F%2A%2A%2For%2F%2A%2A%2F1%3D%40%40version%29%29------snip---- 5 | 189%27%2F%2A%2A%2For%2F%2A%2A%2F1%3D%40%40version%29------snip---- 6 | 7 | # http://isc.sans.edu/diary.html?storyid=11011 8 | 999999.9+UNION+ALL+SELECT+0x31303235343830303536%2C0x31303235343830303536-- 9 | -------------------------------------------------------------------------------- /lib/openresty/lua-libinjection-3.9.1/data/sqli-sqlmap_examples.txt: -------------------------------------------------------------------------------- 1 | # 2 | # Attacks pulled out of the examples from SQLMAP 3 | # 4 | 5 | # https:#svn.sqlmap.org/sqlmap/trunk/sqlmap/tamper/space2mssqlhash.py 6 | 1%23%0AAND%23%0A9227=9227 7 | 8 | # https://svn.sqlmap.org/sqlmap/trunk/sqlmap/tamper/space2morehash.py 9 | 1%23PTTmJopxdWJ%0AAND%23cWfcVRPV%0A9227=9227 10 | 11 | # https://svn.sqlmap.org/sqlmap/trunk/sqlmap/tamper/space2hash.py 12 | 1%23PTTmJopxdWJ%0AAND%23cWfcVRPV%0A9227=9227 13 | 14 | # https://svn.sqlmap.org/sqlmap/trunk/sqlmap/tamper/space2dash.py 15 | 1--PTTmJopxdWJ%0AAND--cWfcVRPV%0A9227=9227 16 | 17 | # https://svn.sqlmap.org/sqlmap/trunk/sqlmap/tamper/modsecurityzeroversioned.py 18 | 1+/*!00000AND+2>1*/--' 19 | 20 | # https://svn.sqlmap.org/sqlmap/trunk/sqlmap/tamper/halfversionedmorekeywords.py 21 | value'/*!0UNION/*!0ALL/*!0SELECT/*!0CONCAT(/*!0CHAR(58,107,112,113,58),/*!0IFNULL(CAST(/*!0CURRENT_USER()/*!0AS/*!0CHAR),/*!0CHAR(32)),/*!0CHAR(58,97,110,121,58)), NULL, NULL#/*!0AND 'QDWa'='QDWa 22 | 23 | -------------------------------------------------------------------------------- /lib/openresty/lua-libinjection-3.9.1/data/tbd-xss-github-issue-68.txt: -------------------------------------------------------------------------------- 1 | # https://github.com/client9/libinjection/issues/68 2 | 3 | %3Cobject%00IRSDL+allowScriptAccess%3Dalways+data%3D%2F%2F0me.me%2Fdemo%2Fxss%2Fflash%2FnormalEmbededXSS.swf%3F 4 | -------------------------------------------------------------------------------- /lib/openresty/lua-libinjection-3.9.1/data/xss-0x6D6172696F-394932823645503488.txt: -------------------------------------------------------------------------------- 1 | # https://twitter.com/0x6D6172696F/status/394932823645503488 2 | # http://pastebin.com/jNPbhduR 3 |

4 | -------------------------------------------------------------------------------- /lib/openresty/lua-libinjection-3.9.1/data/xss-mgentile-2013.txt: -------------------------------------------------------------------------------- 1 | # Mauro Gentile 2 | # https://www.owasp.org/images/7/7c/Gentile_OWASP_EU_Tour_2013.pdf 3 | 4 |

5 |