CRS
OWASP ModSecurity Core Rule Set (CRS)
CRS is a set of generic blacklisting rules for the popular open-source ModSecurity WAF, aimed at protecting web applications from attacks such as those described in the OWASP Top 10.
The Core Rule Set (short: CRS) is a defense tool that protects web applications from being exploited by attackers. The rule set consists of over 150 elaborate patterns, distributed under the Apache Software License (ASLv2). CRS is built on the open-source ModSecurity Web Application Firewall and is considered the "1st line of defense" against web-based attacks (such as those described by the OWASP Top Ten). CRS is incorporated into various commercial products and installed on hundreds of thousands of web servers worldwide. CRS is a venerable OWASP project with a history spanning ten years. In late 2016 it saw a major release (CRS3), bringing big progress in usability and new features such as the Paranoia Mode aimed at high-security setups. CRS is developed by a worldwide community; two of the core contributors, Franziska Bühler and Christian Folini, are based in Switzerland.
{ hacknight challenges }
- Add notes on alert triggers / triggering payloads to the comments of all rules (#918)
- SQLi rule id:942100: false positive on a combination of two characters (#794)
- Add base64 decoding to some rules (#369)
The OWASP ModSecurity Core Rule Set is distributed under the Apache Software License (ASL) version 2. Please see the enclosed LICENSE file for full details.
HACKnight 2017