Christian Folini


Rule Exclusion Script on Steroids

The ModSecurity / OWASP Core Rule Set tutorials here at netnea.com are visited by over 8,000 times a month. With many of the unique visitors, the auxiliary script modsec-rulereport.rb is a favorite. The tool allows you to generate rule exclusions based on a ModSecurity rule alert message. Today, I’m presenting you a new version of […]


Introducing crs-trigger.py

This is a blog post about a new script, that will execute a request in order trigger an arbitrary Core Rule Set anomaly score. The OWASP ModSecurity Core Rule Set (short CRS) is a scoring rule set with individual rules working together to assess an incoming request and assigning it an anomaly score. An administrator […]


Adding empty HTTP headers via libcurl (pycurl)

When testing for the correct behavior of the OWASP ModSecurity Core Rule Set, a popular Web Application Firewall rule set, I needed to send empty Acccept- and User-Agent headers. This is relatively simple on the command line with curl: $> curl –header “User-Agent;” https://example.com Pulling this off with libcurl (pycurl in my case), was way […]