ModSecurity Tools

These are some of the tools related to ModSecurity

My first steps for providing tools related to ModSecurity have been the web-audit library, which still is a core component in almost all of the other tools, and the AuditViewer.

Besides these two, there have been a lot of different tools around, such as:

  • ApacheConfig2Html
  • WebTap, monitoring an application without side-effects
  • org.jwall.web.audit, a Java library for reading mod_security audit-logs
  • AuditViewer, a viewer application for handling audit-log data and re-injection of single audit-events
  • TestClient, for re-injecting a whole audit-log file into a web-server (for evaluating/debugging modsecurity rulesets)

The jwall.org Tool-Box

Since most of the tools proved to be pretty useful when dealing with Apache or ModSecurity, I bundled them together in a standalone toolbox. This toolbox can be obtained here:

There exists a Blog entry which describes the toolbox in more detail.

Why Java?

The tools above are all implemented in the Java programming language. This is due to two reasons: first, I am quite firm with Java itself and second, because it allows the tools to be easily used in Unix as well as in Windows-Environments without having to install python, perl or whatever. The JavaVM of course needs to be installed ;-)