Оффлайн
- Регистрация
- 9 Май 2015
- Сообщения
- 1,483
- Баллы
- 155
BlazeHTTP
stands as a user-friendly WAF protection efficacy evaluation tool.
- ? Abundant Samples: Currently, a total of 33669 samples are available, with continuous updates in progress...
- ? No Configuration Required: Offers both a GUI and a command-line version, facilitating direct downloads of precompiled versions through Releases, or the option to clone the code and compile locally.
- ? Exportable Reports: Generates comprehensive reports on the execution results of all samples, including sample attributes, execution time, status codes, interception status, and more.
| Metric | Description | Calculation Method |
|---|---|---|
| Detection Rate | Reflects the comprehensiveness of WAF detection capabilities, indicating "missed detections" if none are found. | Number of attack sample interceptions |
| False Positive Rate | Reflects interference with normal traffic, unreliable results being deemed "false positives". | Number of normal sample interceptions |
| Accuracy | The accuracy metric combines detection and false positive rates, preventing undue focus on either missed detections or false positives. | � |
| Detection Timing | Reflects WAF performance, with greater time consumption indicating poorer performance. | � |
# Normal sample: testcases/00/02/5ebf56a710da27b73a9ad59219f0.white
GET /rc-virtual-list@3.5.2/lib/hooks/useHeights.js HTTP/1.1
Host: npm.staticblitz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36
Accept: */*
Origin:
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer:
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7
# Malicious sample: testcases/8a/36/0bbc7685860c526e33f3cbd83f9c.black
GET /vulnerabilities/sqli_blind/?id=1%27+or+%27%27%3D%27&Submit=Submit HTTP/1.1
Host: 10.10.3.128
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Referer:
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7
Connection: close
| Metric | CloudFlare, Free Version | SafeLine, Free Version, Balance Mode | SafeLine, Free Version, Strict Mode |
|---|---|---|---|
| Total Samples | 33669 | 33669 | 33669 |
| Successful | 33350 | 33669 | 33669 |
| Errors | 319 | 0 | 0 |
| Detection Rate (higher is better) | 10.70% (Total Malicious Samples: 570, Correctly Intercepted: 61, Missed Detections: 509) | 71.65% (Total Malicious Samples: 575, Correctly Intercepted: 412, Missed Detections: 163) | ? 76.17% (Total Malicious Samples: 575, Correctly Intercepted: 438, Missed Detections: 137) |
| False Positive Rate (lower is better) | 0.07% (Total Normal Samples: 32780, Correctly Passed: 32757, False Positives: 23) | ? 0.07% (Total Normal Samples: 33094, Correctly Passed: 33071, False Positives: 23) | 0.22% (Total Normal Samples: 33094, Correctly Passed: 33021, False Positives: 73) |
| Accuracy (higher is better) | 98.40% (Correct Interceptions + Correct Passes) / Total Samples | ? 99.45% (Correct Interceptions + Correct Passes) / Total Samples | 99.38% (Correct Interceptions + Correct Passes) / Total Samples |
| Average Time | 288.96 milliseconds | 70.05 milliseconds | 64.34 milliseconds |
| Metric | ModSecurity, PARANOIA Level 1 | ModSecurity, PARANOIA Level 4 | SafeLine, Free Version, Balance Mode | SafeLine, Free Version, Strict Mode |
|---|---|---|---|---|
| Total Samples | 33669 | 33669 | 33669 | 33669 |
| Successful | 33669 | 33669 | 33669 | 33669 |
| Errors | 0 | 0 | 0 | 0 |
| Detection Rate (higher is better) | 69.74% (Total Malicious Samples: 575, Correctly Intercepted: 401, Missed Detections: 174) | ? 94.61% (Total Malicious Samples: 575, Correctly Intercepted: 544, Missed Detections: 31) | 71.65% (Total Malicious Samples: 575, Correctly Intercepted: 412, Missed Detections: 163) | 76.17% (Total Malicious Samples: 575, Correctly Intercepted: 438, Missed Detections: 137) |
| False Positive Rate (lower is better) | 17.58% (Total Normal Samples: 33094, Correctly Passed: 27275, False Positives: 5819) | 52.46% (Total Normal Samples: 33094, Correctly Passed: 15732, False Positives: 17362) | ? 0.07% (Total Normal Samples: 33094, Correctly Passed: 33071, False Positives: 23) | 0.22% (Total Normal Samples: 33094, Correctly Passed: 33021, False Positives: 73) |
| Accuracy (higher is better) | 82.20% (Correct Interceptions + Correct Passes) / Total Samples | 48.34% (Correct Interceptions + Correct Passes) / Total Samples | ? 99.45% (Correct Interceptions + Correct Passes) / Total Samples | 99.38% (Correct Interceptions + Correct Passes) / Total Samples |
| Average Time | 31.15 milliseconds | 28.89 milliseconds | 70.05 milliseconds | 64.34 milliseconds |
Interested in discussing bot protection strategies? Join the SafeLine WAF community: