Search Results

#!/bin/bash funny_bunny(){ cat << EOF |---------------| | sysrq-trigger | |---------------| (\__/) || (o.0 ) || (^ ^ )o EOF } read -p "Is Murphy around? (y/n)" var && var=${var,,} if [ $var = y ]; then funny_bunny; ...

A simple landing page <!DOCTYPE html> <html> <head> <meta name="viewport" content="width=device-width, initial-scale=1.0"/> <link rel="stylesheet" href="/css/styles.css?v=1.0"/> <link rel="icon" type="image/png" href="/media/fav.png"/> <title>Ho...

A simple 404 page <!DOCTYPE html> <html> <head> <meta name="viewport" content="width=device-width, initial-scale=1.0"/> <link rel="stylesheet" href="/css/nooo.css?v=1.0"/> <link rel="icon" type="image/png" href="/media/fav.png"/> <title>Nooooo</...

body { margin: 0; } @font-face { font-family: "neon"; src: url('https://somedomain.name/fonts/font.ttf'); } #background { background-color: black; background-size: 100% 100%; background-repeat: no-repea...

body { margin: 0; } @media only screen and (orientation: landscape) { .landscape { background-image: url('/media/nooo_ls.png'); background-size: 100% 100%; background-repeat: no-repeat; background-position: ...

HTTP headers parser (getting a dynamic nonce value from responses to every single GET request) function respHeaders() { var getReq = new XMLHttpRequest(); getReq.open('GET', document.location, false); getReq.send(null); var respHeaders = getReq.ge...

First of all let me answer to one of the obvious questions - why OpenSource? - Simple enough, we can take F5, Imperva, there are solutions from Fortinet, Check Point, Palo Alto to name a few. Sure we can, but not everyone has access to such technologies and be...

Installing the package apt install libapache2-mod-security2 Turning on module a2enmod security2 Uploading recommended config file mv /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf Checking the engine mode (Leaving at Dete...

Uploading the rules cd /var/tmp wget https://github.com/coreruleset/coreruleset/archive/refs/tags/v4.10.0.tar.gz wget https://github.com/coreruleset/coreruleset/releases/download/v4.10.0/coreruleset-4.10.0.tar.gz.asc Checking integrity gpg --fetch-key h...

Let's have a look at the config. Although if you read it carefully, you will have no questions left nano -w /etc/crs4/crs-setup.conf Making sure that module is working in an Anomaly Scoring mode SecDefaultAction "phase:1,log,auditlog,pass" SecDefaultAction...

Going to use the following expression to filter out the logs while checking on the app behavior tail -f /var/log/apache2/modsec_audit.log | grep -iE ".*notice.*|*.warning.*|.*error.*|.*critical.*" Problem 1 Message: Rule 7faba9cd8db8 [id "951250"][file "/et...