3 comments

[ 2.9 ms ] story [ 17.0 ms ] thread
Modsec is a sloppy tool thats honestly sucky. Its config hell, rule hell and its outdated ash. Its vulnerable to just about EVERY modern attack surface. We are gonna make that change: https://github.com/1rhino2/RhinoWAF/

Just to clarify, we are not a company of any sorts, simply people willing to help.

How does RhinoWAF compare to other open WAFs like OWASP Coraza WAF, bunkerweb, and SafeLine?

Does RhinoWAF support ModSecurity SecLang rulesets like OWASP CRS? Is there a SecLang to RhinoWAF JSON converter?

Shouldn't eBPF be fast at sorting and running rules?

What are good metrics for evaluating WAFs?

coraza: https://github.com/corazawaf/coraza

bunkerweb: https://github.com/bunkerity/bunkerweb

SafeLine: https://github.com/chaitin/SafeLine

RhinoWAF: https://github.com/1rhino2/RhinoWAF

gh topic: waf: https://github.com/topics/waf

awesome-WAF: https://github.com/0xInfection/Awesome-WAF

Is there a good way to go from an OpenAPI / Swagger schema to WAF rules; and then to verify that the rules don't collide? IIUC eBPF does part of this