LibHTP ============================================================================ Copyright 2009-2010 Open Information Security Foundation Copyright 2010-2013 Qualys, Inc. ============================================================================ LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces. The goals of the project, in the order of importance, are as follows: 1. Completeness of coverage; LibHTP must be able to parse virtually all traffic that is found in practice. 2. Permissive parsing; LibHTP must never fail to parse a stream that would be parsed by some other web server. 3. Awareness of evasion techniques; LibHTP must be able to detect and effectively deal with various evasion techniques, producing, where practical, identical or practically identical results as the web server processing the same traffic stream. 4. Performance; The performance must be adequate for the desired tasks. Completeness and security are often detrimental to performance. Our idea of handling the conflicting requirements is to put the library user in control, allowing him to choose the most desired library characteristic. | IMPORTANT LIBHTP IS NOT YET CONSIDERED STABLE. USE AT YOUR OWN RISK. DO NOT | USE IN PRODUCTION. WORK IS CURRENTLY UNDER WAY TO ENSURE THAT | LIBHTP IS SECURE AND THAT IT PERFORMS WELL. | STATUS LIBHTP IS VERY YOUNG AT THIS POINT. IT WILL BE SOME TIME BEFORE | IT CAN BE CONSIDER COMPLETE. AT THE MOMENT, THE FOCUS OF DEVELOPMENT | IS ON ACHIEVING THE FIRST TWO GOALS. See the LICENSE, COPYING and NOTICE files distributed with this work for information regarding licensing, copying and copyright ownership. INSTALLATION ------------ Assuming you're using an already packaged version of LibHTP, the installation process should be as simple as: $ sudo chmod u+x autogen.sh $ ./autogen.sh $ ./configure $ make $ sudo make install If you've retrieved your LibHTP directly from the repository, you will need to perform the following steps first: 1. Update the version number in VERSION. 2. Run autogen.sh, which will update the build system. DOCUMENTATION ------------- The best documentation at this time is the code itself and the Doxygen output (which should be all right). There's also a quick start guide in the doc/ folder, which should give you enough information to get going. LICENSE ------- LibHTP is licensed under the BSD 3-Clause license (also known as "BSD New" and "BSD Simplified".) The complete text of the license is enclosed in the file LICENSE.
Traceableai/libhtp
LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces.
C++BSD-3-Clause