Homemade WAF (Web Application Firewall)

This project implements a homemade Web Application Firewall (WAF) using Flask as a reverse proxy. The WAF is designed to protect an intentionally vulnerable Flask web server from common web security threats such as SQL injection and Cross-Site Scripting (XSS). It intercepts incoming requests, checks them for malicious content, and forwards them to the web server only if they are deemed safe.

The project contains features such as:

  • Intentionally Vulnerable Web Server
  • Reverse Proxy
  • Content Security Policy (CSP)
  • SQL Injection Protection
  • HTTP Verb Checking
  • Anti-Bot Protection
  • HTTPS Connection
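
As an added illustration (not the project's own code), the sketch below shows the kind of decision function a Flask reverse proxy could call from a `before_request` hook before forwarding a request. The allowed methods, user-agent list, SQL injection patterns, CSP value and the name `inspect_request` are all assumptions chosen for the example.

```python
import re
from urllib.parse import parse_qsl, unquote_plus

# Assumed policy values for illustration; the project's real rules are not shown here.
ALLOWED_METHODS = {"GET", "POST", "HEAD"}
BOT_AGENTS = re.compile(r"sqlmap|nikto|python-requests|curl", re.I)
SQLI_PATTERNS = [
    re.compile(r"'\s*(or|and)\s+[\w']+\s*=\s*[\w']+", re.I),   # tautology such as ' OR 1=1
    re.compile(r"\bunion\b.+\bselect\b", re.I),                # UNION-based read
    re.compile(r"--(\s|$)|/\*"),                               # trailing SQL comment
    re.compile(r";\s*(drop|insert|update|delete)\b", re.I),    # stacked statement
]
# Header the proxy would attach to responses it relays (limits where scripts load from).
CSP_HEADER = ("Content-Security-Policy", "default-src 'self'; object-src 'none'")


def _decode(value, rounds=2):
    """parse_qsl decodes once; decode again so double-encoded input (%2527) is inspected."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def inspect_request(method, query_string, form_body, headers):
    """Return (allowed, reason), checking verb, then client, then every parameter."""
    if method.upper() not in ALLOWED_METHODS:
        return False, "method not allowed"
    agent = headers.get("User-Agent", "")
    if not agent or BOT_AGENTS.search(agent):
        return False, "automated client"
    for source in (query_string, form_body):
        for name, raw in parse_qsl(source, keep_blank_values=True):
            if any(p.search(_decode(raw)) for p in SQLI_PATTERNS):
                return False, f"sql injection pattern in '{name}'"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample requests, not traffic from the project.
    browser = {"User-Agent": "Mozilla/5.0"}
    print(inspect_request("GET", "id=42", "", browser))
    print(inspect_request("GET", "id=1%2527%2520OR%25201%253D1", "", browser))
    print(inspect_request("TRACE", "", "", browser))
```

Signature matching of this kind produces false positives and can be bypassed, so it complements parameterized queries and output encoding in the backend instead of replacing them.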

You can find the full explanation, as well as the setup and usage instructions here.