Skip to content
This repository has been archived by the owner on Jul 23, 2023. It is now read-only.

Latest commit

 

History

History
33 lines (19 loc) · 1.23 KB

README.md

File metadata and controls

33 lines (19 loc) · 1.23 KB

Logo

Shadow Daemon is a collection of tools to detect, record and prevent attacks on web applications. Technically speaking, Shadow Daemon is a web application firewall that intercepts requests and filters out malicious parameters. It is a modular system that separates web application, analysis and interface to increase security, flexibility and expandability.

This repository contains whitelist, blacklist and integrity rules. Feel free to submit your own rules or improvements.

Conventions

Directory structure

The application names are written in lower case. Space and other special characters are replaced by underscores.

appname/version

File structure

The rules are in the following files:

appname-version_blacklist.txt
appname-version_whitelist.txt
appname-version_integrity.txt

Sensitive user input that should be ignored is in this file:

appname-version_ignore.txt

Please note that in some cases you will have to replace ... in the ignore caller with the actual (json-encoded) path of that caller.

Scope

The sets should not include rules for installation or update scripts that should not be accessible in a production environment.