Practical FTW: Testing the Core Rule Set or Any Other WAF

Back in August and September, Chaim Sanders introduced FTW, a Framework to Test WAFs via two blost posts. Existing unit testing frameworks are not really suitable for this purpose as they do not grant you enough control over the requests and the ability to look at the WAF log that needs to be bolted on. …

Practical FTW: Testing the Core Rule Set or Any Other WAF Read More »