Raptor WAF – C Based Web Application Firewall

Raptor WAF - C Based Web Application Firewall

Raptor is a C based open source web application firewall that uses DFA (Deterministic Finite Automata) to block SQL Injection, Cross Site Scripting (XSS) and Path Traversal. It allows you to block some users with the blacklist of IPs (config/blacklist_ip.txt).

Raptor WAF Screenshot 1


$ git clone https://github.com/CoolerVoid/raptor_waf
$ cd raptor_waf; make; bin/raptor

Note: Don’t execute with “cd bin; ./raptor” use full path “bin/raptor”.

Remember: It needs lib pcre to compile.


Up some HTTPd server at port 80 redirect with raptor to port 8883:

$ bin/Raptor -h localhost -p 80 -r 8883 -w 4 -o loglog.txt

Copy vulnerable PHP code to your web server directory:

$ cp doc/test_dfa/test.php /var/www/html

Now you can test xss attacks at http://localhost:8883/test.php

Other option to run(now with regex, look file config/regex_rules.txt to edit rules):

$ bin/Raptor -h -p 80 -r 8883 -w 0 -o resultwaf -m pcre

Raptor WAF Screenshot 2

Temp Mails (https://tempemail.co/) is a new free temporary email addresses service. This service provide you random 10 minutes emails addresses. It is also known by names like: temporary mail, disposable mail, throwaway email, one time mail, anonymous email address… All emails received by Tempmail servers are displayed automatically in your online browser inbox.