NOTE: This project is no longer under active developement.
Check out the successor at: https://github.com/jensvoid/lorg
Web Forensik ist a script that uses PHPIDS to automatically scan your HTTPD logfiles for attacks against web applications. Check the Wiki for installation, configuration, usage.
Features
- supports standard log formats (common, combined)
- allows user-defined (mod_log_config syntax) formats
- automatically pipes your web logs through PHPIDS
- categorizes all incidents by type, impact, date, host...
- generates reports in CSV, HTML (sortable table), XML
License
GNU General Public License version 2.0 (GPLv2)
You Might Also Like
Rate This Project
Login To Rate This Project
User Reviews
-
webforensik is further developed as `lorg' - github.com/jensvoid/lorg - with many new features added (various detection modules, man-machine distinction, attack quantification, geoip/dnsbl support, logfile tamper checks, ...)
-
Thank you for doing this, I find it really useful. I tried to run it with the latest PHPIDS and I received some PHP errors so I fixed it and put the code on github : github.com/nekhbet/WebForensik Hope this will help someone.