[mod-security-users] [tool] CRSprober
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
[mod-security-users] [tool] CRSprober
|
From: Jozef S. <jo...@su...> - 2025-07-28 08:05:18
|
Dear ModSecurity community, I’d like to share a small tool I’ve just released - CRSprober. This utility is designed to remotely detect the version of the OWASP CRS as well as the configured paranoia level on a target protected by ModSecurity + CRS. It works by sending specific payloads and analyzing the WAF's responses to determine this information. This can be useful for testing, research, or verification purposes, especially when auditing remote systems. The tool is available here: https://github.com/azurit/CRSprober Any feedback, suggestions, or contributions are very welcome. Best regards, Jozef Sudolsky |
