Get Even More Visitors To Your Blog, Upgrade To A Business Listing >>

WAF-FLE - An Open-source ModSecurity Console

WAF-FLE is an open-source Modsecurity console that allows modsecurity admin to store, view and search events sent by sensors using a graphical dashboard to drill-down and find quickly the most relevant events. It is designed to be fast and flexible, while keeping a powerful and easy to use filter, with almost all fields clickable to use on filter.

The initial resources required to run WAF-FLE are normally low. It is supported in virtual machines, and is supported in Linux and FreeBSD, but should run with other OS that support PHP and MySQL.

See also: ModSecurity - An Open Source Web Application Firewall Engine


  • Central event console
  • Support Modsecurity in "traditional" and "Anomaly Scoring"
  • Brings mlog2waffle as a replacement to mlogc
  • Receive events using mlog2waffle or mlogc
    • mlog2waffle: in real-time, following log tail, or batch scheduled in crontab
    • mlogc: in real-time, piped with ModSecurity log, in batch scheduled in crontab
  • No sensor limit
  • Drill down of events with filter
  • Dashboard with recent events information
  • Almost every event data and charts are "clickable" deepening the drill down filter
  • Inverted filter (to filter for "all but this item")
  • Filter for network (in CIDR format, x.x.x.x/22)
  • Original format (Raw) to event download
  • Use Mysql as database
  • Wizard to help configure log feed between ModSecurity sensors and WAF-FLE
  • Open Source released under GPL v2

Download WAF-FLE

You might also like:
  • 14 Best IP Hide Tools 2017
  • aidSQL - SQL Injection Detection Tool
  • - Tool For Injecting codes, Jamming WiFi, & Spying on WiFi Users
  • WebSurgery - Web Application Security Testing Suite
  • Beleth - Multi-threaded SSH Password Auditor
  • pyClamd - Using Clamav with Python
  • FuzzDB - Comprehensive Set Of Known Attack Sequences
  • SecLists - The Pentesters Companion
  • Cansina - Web Content Discovery Tool
  • GoatDroid - Self-Contained Android Pentesting Environment
  • ike-scan - Tool For Discovering, Fingerprinting, & Testing IPsec VPN Systems
  • PoshSec Framework - Graphical Interface For Powershell Scripts, Modules, & Cmdlets
  • NetStalker - Rule-Based Network Traffic Monitoring & Filtering Tool
  • FS-NyarL - Network Takeover & Forensic Analysis Tool
  • Umap - The USB Host Security Assessment Tool
  • FoxOne - Server Reconnaissance Scanner
  • SpearPhisher - Web Application To Send and Track Spear Phishing Campaigns
  • OS X Auditor - Mac Forensics Tool
  • SSLNuke - Tool For Intercepting & Decrypting Secure IRC Traffic

This post first appeared on Effect Hacking - Hacking Tools, How To Guides An, please read the originial post: here

Share the post

WAF-FLE - An Open-source ModSecurity Console


Subscribe to Effect Hacking - Hacking Tools, How To Guides An

Get updates delivered right to your inbox!

Thank you for your subscription