The Web Application Firewall (WAF) is a Python-based Flask microservice that runs on a server and provides real-time analysis and protection for web applications. It leverages machine learning (ML) techniques to analyze incoming traffic by sniffing network packets and making predictions based on a trained ML model.
- Real-time Traffic Analysis: The WAF captures and inspects network traffic to identify potential threats and attacks on web applications.
- Machine Learning Model: It utilizes a pre-trained ML model to classify traffic and make predictions about its maliciousness.
- Customizable Rule Set: The WAF allows you to define and configure custom rules to enhance the detection and protection capabilities.
- Logging and Reporting: It generates detailed logs and reports for analyzed traffic, including identified threats, classification results, and other relevant information.
- Integration with Flask: The WAF is built as a Flask microservice, making it easy to integrate into existing Flask-based web applications.
- Clone the repository:
git clone <repository_url> - Install the required dependencies:
pip install -r requirements.txt - Configure the WAF settings in the
config.pyfile, including network interface, ML model path, and other options. - Start the WAF service:
python app.py
For detailed instructions and additional configuration options, please refer to the Installation Guide.
- Ensure that the WAF service is running and listening on the specified network interface and port.
- Integrate the WAF with your web application by directing incoming traffic to the WAF's endpoint or by configuring it as a reverse proxy.
- The WAF will analyze the incoming traffic, classify it using the ML model, and apply the defined rules to identify and mitigate potential threats.
- Monitor the WAF logs and reports for any detected threats or suspicious activities.
For more information on how to use and configure the WAF, please refer to the User Guide.
Contributions to the WAF project are welcome! If you have any ideas, bug reports, or feature requests, please submit them via GitHub issues. You can also submit pull requests with code improvements or additional functionality.
Please review the Contribution Guidelines for more details on how to contribute to the project.
The WAF project is licensed under the MIT License.
- The WAF makes use of various open-source libraries and tools, including Flask, scikit-learn, and Scapy. We would like to acknowledge and thank the developers of these projects for their valuable contributions.
If you have any questions, feedback, or inquiries, please contact our support team at support@xtensible.dev