An introduction to the LightBulb Framework at CENSUS S.A. Blog

This blog post serves as a followup to the B-Sides Athens 2017 talk entitled “Lightbulb framework – shedding light on the dark side of WAFs and Filters”. Three (3) examples are included:

• Using GOFA to assess ModSecurity CRS 2.99 against SQL injections
• Using SFADiff to assess PHPIDS 0.7 against XSS attacks
• Using SFADiff to create a distinguish tree for ModSecurity, PHPIDS 0.7 and PHPIDS 0.6

Read more at