Karel

Results 15 issues of Karel

Hi, I created this patch that contains two new protocol enforcement rules. One of them is aimed at the Accept header, which only blocks any `charset` parameter that's not explicitly...

bug bounty

Rule 933210 is incapable of blocking `(sy.(st).em)(@id)` when it is passed to the following PHP snippet: ```php ``` This is because the trailing semi-colon is not injected by the attacker,...

bug bounty

This PR contains fixes for bypasses that were originally found and submitted by @hussein98d in `5ZLKNU33`.

bug bounty

This PR contains fixes for bypasses that were originally found and submitted by @hussein98d in `9LB1ZNRE`, `V4DR54LM` and `J27G5EJX`.

Needs action
bug bounty
CRS Internal Note

The ModSecurity `SecDisableBackendCompression` could not be configured in this docker image. This PR adds that option.

#### Proposal I would be interested in seeing a serialization/deserialization feature for the interpreter. This would allow anyone to run many scripts without the additional overhead of re-evaluating the original...

area/core
area/api
proposal

Currently the `SecDisableBackendCompression` option is completely unavailable, even though CRS requires it to be `On` by default. This PR fixes that. I've left out NGINX since it only supports V3...

#### Overview of the Issue A while ago, I set up Consul's intermediate CA by following the tutorial here: https://developer.hashicorp.com/consul/tutorials/vault-secure/vault-pki-consul-connect-ca. Additionally, I'm using the Nomad `connect` stanza to set up a service...

theme/consul-vault
theme/certificates
theme/security

These are the results I'm getting when resolving the A records of the Alexa top 5k domains using the resolvers from this repository: ``` root@vps:~/dns-test# cat output-base.txt | sort -n...

### The following program `sample.go` triggers an unexpected result ```go package main import "fmt" var values = []string{ "hello", "there", } func print[T any](v ...[]T) { fmt.Println(v) } func main()...