Franziska Buehler – OWASP ModSecurity Core Rule Set

How the CRS protects the vulnerable web application Pixi by OWASP DevSlop

By Franziska Buehler / September 9, 2019 September 12, 2019

How could the functionality of a WAF be better demonstrated than with a vulnerable web application? In this blog post I introduce Pixi, an intentionally vulnerable web application by the OWASP project DevSlop. I show its known vulnerabilities and examine how the CRS protects against these vulnerabilities. What is Pixi? Pixi is a deliberately vulnerable …

How the CRS protects the vulnerable web application Pixi by OWASP DevSlop Read More »

Core Rule Set Docker Image

By Franziska Buehler / December 12, 2018 December 12, 2018

The Core Rule Set is installed in just four steps, as described in the Installation Guide. Now, it's even easier using the CRS Docker container. The effort to start the CRS in front of an application is reduced to a few seconds and only one command. Franziska Bühler, one of the CRS developers, enhanced the …

Core Rule Set Docker Image Read More »

The Core Rule Set as Part of DevOps (CI pipeline)

By Franziska Buehler / June 19, 2018 June 29, 2018

A Web Application Firewall (WAF) raises concerns that it does not fit into the DevOps methodology. The problem is that when a WAF is added to production, the impact on the application is tested too late. The application developer gets extremely late feedback and the WAF could break the application. This can lead to production …

The Core Rule Set as Part of DevOps (CI pipeline) Read More »

Disassembling SQLi Rules

By Franziska Buehler / November 9, 2017 January 23, 2023

Introduction I would like to explain my work disassembling highly optimized regular expressions. A project like this might discourage many people, but to me, it is very exciting work! I like this kind of investigative work and want to explain what, exactly, I did, why I did it and how! What's the problem? The SQLi …

Disassembling SQLi Rules Read More »