This collection of basic unit tests is designed for practicing how to adjust the OWASP ModSecurity WAF Core Rule Set so that each test passes. Note that these tests do not reflect real-life situations; they are intended solely for honing your skills in tuning WAF rules in different scenarios.
- Docker/Podman
- Docker Compose
- Python
```bash
# Create Python virtual environment
python3 -m venv .venv
source .venv/bin/activate

# Install dependencies
pip install -r requirements.txt

# Start WAF and placeholder web application
docker compose up -d

# Monitor WAF logs (Docker, then the Podman equivalent)
docker compose exec -it modsecurity tail -f /var/log/nginx/modsecurity.log
podman-compose exec modsecurity tail -f /var/log/nginx/modsecurity.log

# Restart container to apply new rules (Docker, then the Podman equivalent)
docker compose restart modsecurity
podman-compose restart modsecurity

# Use Burp Suite proxy for request inspection
export HTTP_PROXY=http://localhost:8080

# Run all tests
pytest

# Run individual test
pytest -k test_cookie_1
```
1. Start WAF and webserver

   ```bash
   docker compose up -d
   ```

2. Start monitoring of WAF logs

   ```bash
   docker compose exec -it modsecurity tail -f /var/log/nginx/modsecurity.log
   ```

3. Review test definition in `test_waf.py`
4. Execute individual test

   ```bash
   pytest -k test_generic_form_1
   ```

5. Review WAF log entries
6. Update WAF rules
7. Restart WAF

   ```bash
   docker compose restart modsecurity
   ```

8. Repeat steps 4 to 7 until test reports success.
9. Move to the next unit test.
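When reviewing the WAF log entries before updating rules, a small helper can reduce the log to which rule fired on which request variable, which is the information a rule adjustment needs. This is an added example, not part of the repository; it assumes the log contains ModSecurity v3 message lines with `[id "..."]`, `[msg "..."]` and `[data "..."]` fields (a JSON audit log would need a different parser), and the sample lines are constructed.

```python
import re
from collections import Counter

# Constructed sample lines in the ModSecurity v3 '[key "value"]' message style
# (assumption: the real log uses this layout; fields such as [file] are omitted).
SAMPLE_LOG = r"""
ModSecurity: Warning. detected SQLi using libinjection. [id "942100"] [msg "SQL Injection Attack Detected via libinjection"] [data "Matched Data: s&1 found within ARGS:comment: 1' or '1'='1"] [severity "2"] [uri "/form"]
ModSecurity: Warning. detected SQLi using libinjection. [id "942100"] [msg "SQL Injection Attack Detected via libinjection"] [data "Matched Data: s&1 found within ARGS:comment: 1' or '1'='1"] [severity "2"] [uri "/form"]
ModSecurity: Warning. detected XSS using libinjection. [id "941100"] [msg "XSS Attack Detected via libinjection"] [data "Matched Data: XSS data found within REQUEST_COOKIES:session: <b>hi</b>"] [severity "2"] [uri "/"]
ModSecurity: Access denied with code 403 (phase 2). [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "2"] [uri "/form"]
"""

FIELD = re.compile(r'\[(\w+) "(.*?)"\]')
# CRS logdata convention: "Matched Data: <match> found within <VARIABLE>: <value>"
TARGET = re.compile(r"found within ([A-Z_]+(?::[^:\s]+)?):")


def parse_line(line):
    """Return the rule id, message, matched variable and URI of one log line.

    Lines without an [id "..."] field are not rule matches and yield None.
    """
    fields = dict(FIELD.findall(line))
    if "id" not in fields:
        return None
    match = TARGET.search(fields.get("data", ""))
    return {
        "id": fields["id"],
        "msg": fields.get("msg", ""),
        "target": match.group(1) if match else None,  # None for scoring rules
        "uri": fields.get("uri", ""),
    }


def summarize(log_text):
    """Count hits per (rule id, matched variable, message), most frequent first."""
    hits = Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec:
            hits[(rec["id"], rec["target"], rec["msg"])] += 1
    return hits.most_common()


if __name__ == "__main__":
    for (rule_id, target, msg), count in summarize(SAMPLE_LOG):
        print(f"{count:3d}  {rule_id}  {target or '-':<28} {msg}")
```

Rules that report no variable, such as the anomaly-score rule 949110, only aggregate the scores of the detection rules listed beside them, so tuning effort belongs on the rows that name a target.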
The solutions to the exercises can be found in the solutions branch. To access them, you can use the link below.