Jekyll2018-06-07T09:44:41+00:00https://lightbulb-framework.github.io/LightBulb FrameworkLightBulb is an open source python framework for auditing web applications firewalls.Ioannis StaisAn introduction to the LightBulb Framework at CENSUS S.A. Blog2017-11-03T00:00:00+00:002017-11-03T00:00:00+00:00https://lightbulb-framework.github.io/blogpost/census-blogpost<p>This blog post serves as a followup to the B-Sides Athens 2017 talk entitled “Lightbulb framework – shedding light on the dark side of WAFs and Filters”. Three (3) examples are included:</p>
<ul>
<li>Using GOFA to assess ModSecurity CRS 2.99 against SQL injections</li>
<li>Using SFADiff to assess PHPIDS 0.7 against XSS attacks</li>
<li>Using SFADiff to create a distinguish tree for ModSecurity, PHPIDS 0.7 and PHPIDS 0.6</li>
</ul>
<p>Read more at <a href="https://census.gr/news/2017/11/03/an-introduction-to-the-lightbulb-framework/"><img src="https://census.gr/static/assets/img/logos/logo.png" alt="CENSUS S.A. blog post" /></a></p>Ioannis StaisThis blog post serves as a followup to the B-Sides Athens 2017 talk entitled “Lightbulb framework – shedding light on the dark side of WAFs and Filters”. Three (3) examples are included:Shedding Light on the Dark Side of WAFs and Filters at BSides Athens 20172017-06-15T00:00:00+00:002017-06-15T00:00:00+00:00https://lightbulb-framework.github.io/conferences/bsidesAth<p>This year, on BSides Athens, we will introduce a new and efficient graphical interface for the lightbulb framework, directly integrated to the Burp Proxy Suite.</p>
<p>The extension is designed to assist the penetration tester throughout the step of information gathering and black box penetration testing of unknown WAFs and complex filters. The new automata learning backed payload processor is a game changer that obsoletes the existing Intruder payloads and increases the overall chances of a successful evasion attack. The graphical interface allows easily access to an extendable library of WAF filters and injection attacks, and offers support for advanced rule based fingerprinting of popular open source WAFs.</p>
<p>Find us there!</p>
<p><a href="https://www.bsidesath.gr/schedule_.php"><img src="https://www.bsidesath.gr/logo/BSidesAthens_main.png" alt="BSidesPresentation" /></a></p>Ioannis StaisThis year, on BSides Athens, we will introduce a new and efficient graphical interface for the lightbulb framework, directly integrated to the Burp Proxy Suite.Presenting LightBulb Framework at BlackHat Europe 20162016-11-01T00:00:00+00:002016-11-01T00:00:00+00:00https://lightbulb-framework.github.io/conferences/bheu16<p>In this presentation we introduce a novel, efficient, approach for bypassing WAFs using automata learning algorithms.</p>
<p>We show that automata learning algorithms can be used to obtain useful models of WAFs. Given such a model, we show how to construct, either manually or automatically, a grammar describing the set of possible attacks which are then tested against the obtained model for the firewall. Moreover, if our system fails to find an attack, a regular expression model of the firewall is generated for further analysis. Using this technique we found over 10 previously unknown vulnerabilities in popular WAFs such as Mod-Security, PHPIDS and Expose allowing us to mount SQL Injection and XSS attacks bypassing the firewalls. Finally, we present LightBulb, an open source python framework for auditing web applications firewalls using the techniques described above. In the release we include the set of grammars used to find the vulnerabilities presented.</p>
<p><a href="http://www.slideshare.net/einstais/another-brick-off-the-wall-deconstructing-web-application-firewalls-using-automata-learning"><img src="http://image.slidesharecdn.com/anotherbrick-161109104820/85/another-brick-off-the-wall-deconstructing-web-application-firewalls-using-automata-learning-1-320.jpg" alt="BHEU16 Presentation" /></a></p>Ioannis StaisIn this presentation we introduce a novel, efficient, approach for bypassing WAFs using automata learning algorithms.Introducing SFADIFF at 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS ‘16)2016-10-01T00:00:00+00:002016-10-01T00:00:00+00:00https://lightbulb-framework.github.io/conferences/acm-ccs16<p>SFADIFF, the black-box differential testing framework based on Symbolic Finite Automata (SFA) learning, was presented in ACM CCS 2016</p>
<p><a href="https://www.youtube.com/watch?v=M1weW9Ko2yI"><img src="https://j.gifs.com/1jZqyV.gif" alt="SFADiff Presentation at ACM CCS 2016" /></a></p>
<p><em>G. Argyros, I. Stais, S. Jana, A. D. Keromytis, and A. Kiayias. 2016. SFADiff: Automated Evasion Attacks and Fingerprinting Using Black-box Differential Automata Learning. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (CCS ‘16). ACM, New York, NY, USA, 1690-1701. doi: 10.1145/2976749.2978383</em></p>Ioannis StaisSFADIFF, the black-box differential testing framework based on Symbolic Finite Automata (SFA) learning, was presented in ACM CCS 2016GOFA Presentation at 2016 IEEE Symposium on Security and Privacy (SP), San Jose, CA2016-06-15T00:00:00+00:002016-06-15T00:00:00+00:00https://lightbulb-framework.github.io/conferences/ieee-sp2016<p>SFA Learning and GOFA algorithm, were presented in IEEE SP 2016, at the “Back in Black: Towards Formal, Black Box Analysis of Sanitizers and Filters” presentation.</p>
<p><a href="https://www.youtube.com/watch?v=7jaXhhA-H68"><img src="https://j.gifs.com/qjB5vG.gif" alt="Back in Black: Towards Formal, Black Box Analysis of Sanitizers and Filters" /></a></p>
<p><em>G. Argyros, I. Stais, A. Kiayias and A. D. Keromytis, “Back in Black: Towards Formal, Black Box Analysis of Sanitizers and Filters,” 2016 IEEE Symposium on Security and Privacy (SP), San Jose, CA, 2016, pp. 91-109. doi: 10.1109/SP.2016.14</em></p>Ioannis StaisSFA Learning and GOFA algorithm, were presented in IEEE SP 2016, at the “Back in Black: Towards Formal, Black Box Analysis of Sanitizers and Filters” presentation.