Command Injection

WAF RULE TESTING (OS COMMAND INJECTION VULNERABILITY)

In this blog, we will test OS command injection attacks against a vulnerable application protected by the OWASP CRS and CWAF rulesets. How do we identify flaws in the OWASP CRS and CWAF rulesets? First, set up the vulnerable applications, i.e. XVWA and the OWASP Mutillidae vulnerable app, on the server for testing WAF rules. Install ModSecurity and include both the OWASP CRS and CWAF rulesets in the Apache config....