Search Results for "http header injection"

Privoxy is a non-caching web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. Privoxy has a flexible configuration and can be customized to suit individual needs and tastes. It has application for both stand-alone systems and multi-user networks.

The OWASP ModSecurity Core Rule Set (CRS) is a curated, generic Web Application Firewall rule set that detects and blocks common attack categories across most web apps. It focuses on broad protection—SQL injection, cross-site scripting, local/remote file inclusion, command injection, and protocol violations—without requiring app-specific knowledge. Rules are organized into paranoia levels so operators can tune detection aggressiveness and balance false positives against coverage. An anomaly-scoring model accumulates rule hits per request, enabling nuanced blocking thresholds and easier incident triage. ...

...The result is a flexible, scriptable WAF that pairs the performance of NGINX with the expressiveness of Lua for nuanced HTTP defense.

Based on dnstop, webtop reads either a live Ethernet stream or a pre-captured file of packets, and performs aggregations based on standard HTTP headers. It can operate in an interactive mode, as well as produce reports for inclusion into incident reports, et cetera.